Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8190180

Add support for RSASSA-PSS Signature algorithm

    XMLWordPrintable

    Details

    • Type: CSR
    • Status: Closed
    • Priority: P3
    • Resolution: Approved
    • Fix Version/s: 11
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Compatibility Kind:
      behavioral
    • Compatibility Risk:
      minimal
    • Interface Kind:
      Java API
    • Scope:
      SE

      Description

      Summary

      Update existing security classes and "Java Security Standard Algorithm Names" (see https://docs.oracle.com/javase/10/docs/specs/security/standard-names.html) with PKCS#1 "RSA Cryptography Specifications" version 2.2 (RFC 8017) which obsoletes version 2.1 (RFC 3447)

      Problem

      PKCS#1 v2.2 (RFC 8017) clarifies some ASN.1 data structures and adds new algorithms. Existing JDK security APIs and crypto providers support most but not all algorithms in PKCS#1 v2.1 and need to be updated to support PKCS#1 v2.2.

      Solution

      • Update all PKCS#1 v2.1 references with the PKCS#1 v2.2 standard and its ASN.1 syntax
      • Enhance existing RSA-related classes for supporting RSASSA-PSS keys which may contain parameters
      • Add RSASSA-PSS (Probabilistic Signature Scheme) implementation support to SunRsaSign provider
      • Add the support of SHA-512/224 and SHA-512/256 digests to the OAEPPadding impl of RSA Cipher implementation in SunJCE provider
      • Update the standard name documentation with RSASSA-PSS

      Specification

      Please see the attached "webrev8190180.zip" file which contains changes on all public classes and interfaces.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              valeriep Valerie Peng
              Reporter:
              webbuggrp Webbug Group
              Reviewed By:
              Bradford Wetmore
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: