-
Enhancement
-
Resolution: Fixed
-
P4
-
1.4.2
-
None
-
tiger
-
generic
-
generic
The standard format for DSA signature values is an ASN.1 sequence of the two integers R and S. ASN.1 always encodes integers in signed 2's complement format. However, some libraries apparently encode the values incorrectly in unsigned format, i.e. do not add a 0x00 prefix byte if the MSB is set.
It seems that some products accept those invalid signatures, including the Sun provider in J2SE releases prior to 1.4.1. The changeover from the old BigInt ASN.1 code to BigInteger now causes those signature validations to fail with "java.security.SignatureException: invalid signature: out of range values"
We may want to consider changing our code to accept incorrectly encoded signatures (again). Since our code is working as designed and per FIPS 186-2 and RFC3279, I am filing this as an RFE.
It seems that some products accept those invalid signatures, including the Sun provider in J2SE releases prior to 1.4.1. The changeover from the old BigInt ASN.1 code to BigInteger now causes those signature validations to fail with "java.security.SignatureException: invalid signature: out of range values"
We may want to consider changing our code to accept incorrectly encoded signatures (again). Since our code is working as designed and per FIPS 186-2 and RFC3279, I am filing this as an RFE.
- relates to
-
JDK-4808611 REGRESSION: DSA Signature Verification Fails (1.4.0 -> 1.4.1/1.4.1_01)
-
- Closed
-