Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8079693

Add support for ECDSA P-384 and P-521 curves to XML Signature

    Details

      Backports

        Description

        XML Signature 1.1 recommends that implementations support ECDSA over the P-384 and P-521 prime curves; see http://www.w3.org/TR/xmldsig-core1/#sec-ECDSA.

        We used to support these curves (as well as the required P-256 curve); however the implementation was dependent on internal APIs which changed and inadvertantly broke the behavior. So, we removed the dependency on the internal APIs in JDK-8046724 but we only added support for P-256.

        We should also restore the behavior for P-384 and P-521 as technically this is a regression. Not supporting these is not good for interoperability as other vendors already support them; for more details see the XML Signature 1.1 Interop Test Report: http://www.w3.org/TR/xmldsig-core1-interop/

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  juh Jason Uh (Inactive)
                  Reporter:
                  mullan Sean Mullan
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: