Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8236145

Incorrect spec on ECDSA P1363 signature format

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 14
    • Component/s: security-libs
    • Labels:

      Backports

        Description

        The official Java Security Standard Algorithm Names incorrectly documents the Signature.*withECDSAinP1363Format algorithms as

        SEQUENCE ::= { r INTEGER, s INTEGER }

        This is incorrect. The IEEE P1363 Format is defined as concatenating the r and s values (with no ASN.1 encoding, but with appropriate padding). The implementations appear correct. This just appears to be a documentation issue. The documentation for Java 11, 12, and 13 would need to be updated.

        I refer you to the Wikipedia page [2], item #7 that has the relevant information

        [1]: https://docs.oracle.com/en/java/javase/12/docs/specs/security/standard-names.html#signature-algorithms
        [2]: https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Signature_generation_algorithm

        Source: https://mail.openjdk.java.net/pipermail/security-dev/2019-December/021050.html

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                weijun Weijun Wang
                Reporter:
                weijun Weijun Wang
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: