Details
-
Type:
Enhancement
-
Status: Resolved
-
Priority:
P3
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 16
-
Component/s: security-libs
-
Labels:
-
Subcomponent:
-
Resolved In Build:b21
Description
We need to support RSASSA-PSS (https://tools.ietf.org/html/rfc4056) and EdDSA (https://www.rfc-editor.org/rfc/rfc8419.html) for jar signing. This would include:
0. Decide the proper block type name: "RSASSA-PSS" is a little long, "EdDSA" contains a lowercase letter.
1. Support new block types in SignatureFileVerifier.java
2. Translate between sigAlg and encAlg/digestAlg in AlgorithmId.java
3. Support for SHAKE256 name and OID in AlgorithmId.java
4. Updates to jarsigner tooldoc and JAR file spec
5. Tests
0. Decide the proper block type name: "RSASSA-PSS" is a little long, "EdDSA" contains a lowercase letter.
1. Support new block types in SignatureFileVerifier.java
2. Translate between sigAlg and encAlg/digestAlg in AlgorithmId.java
3. Support for SHAKE256 name and OID in AlgorithmId.java
4. Updates to jarsigner tooldoc and JAR file spec
5. Tests
Attachments
Issue Links
- csr for
-
JDK-8245274 Signed JAR support for RSASSA-PSS and EdDSA
-
- Closed
-
- duplicates
-
JDK-8230420 digestEncryptionAlgorithm in SignerInfo isn't using full signature algorithm for EC
-
- Closed
-
- relates to
-
JDK-8255536 Remove the directsign property and option
-
- Resolved
-
-
JDK-8255494 PKCS7 should use digest algorithm to verify the signature
-
- Closed
-
-
JDK-8166597 Crypto support for the EdDSA Signature Algorithm
-
- Resolved
-
-
JDK-8254942 Update the JAR file spec on EC and RSA signature block types
-
- Resolved
-
(1 relates to, 2 links to)
1.
|
JAR spec change for JDK-8242068 |
|
New | Unassigned | |
2.
|
Release Note: Signed JAR Support for RSASSA-PSS and EdDSA |
|
Closed | Weijun Wang |