Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8243558

JDK Provider Guide should document that DSA signature generation is now subject to a key strength check

    Details

      Backports

        Description

        The contents of the release note (https://bugs.openjdk.java.net/browse/JDK-8149394) should be added to the Sun provider section of the JDK Providers Guide, probably as a note in the Signature/DSA row:

        "For signature generation, if the security strength of the digest algorithm is weaker than the security strength of the key used to sign the signature (e.g. using (2048, 256)-bit DSA keys with SHA1withDSA signature), the operation will fail with the error message: "The security strength of SHA1 digest algorithm is not sufficient for this key size."

        See https://www.oracle.com/technetwork/java/javase/8u91-relnotes-2949462.html

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  rgallard Raymond Gallardo
                  Reporter:
                  mullan Sean Mullan
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: