Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8042967

Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes

    Details

    • Subcomponent:
    • Resolved In Build:
      b52
    • Verification:
      Verified

      Backports

        Description

        The *withDSA Signature implementations generate the signature bytes as an ASN.1 DER-encoded sequence of r and s (this is what Signature.sign() returns and Signature.verify() accepts). This is in contrast to other standards such as XML Signature and implementations such as JSS and MSCrypto that do not DER encode the bytes.

        When writing code that interoperates with those other systems or implementations, developers have commonly resorted to using the unsupported, internal sun.security.util APIs, using 3rd-party libraries that support an ASN.1 API, or writing the code themselves to convert the signature into an acceptable form.

        Thus, it would be useful to add a variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes. This could be accomplished by adding an AlgorithmParameterSpec subclass to indicate this, and calling the existing Signature.setParameter() method before signing or verifying.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  juh Jason Uh (Inactive)
                  Reporter:
                  mullan Sean Mullan
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Due:
                    Created:
                    Updated:
                    Resolved: