-
Bug
-
Resolution: Fixed
-
P2
-
6, 6u19
-
b05
-
x86
-
windows_xp, windows_vista
-
Verified
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2184158 | 7 | Vincent Ryan | P3 | Closed | Fixed | b142 |
A DESCRIPTION OF THE REQUEST :
In the SunMSCAPI-Provider only these signature algorithms are implemented now:
SHA1withRSA
MD5withRSA
MD2withRSA
To create secure digital signatures we need at least:
SHA256withRSA.
New alogithms should be implemented easily, because MSCAPI already supports them. But they are not registered in the provider an cannot be added at runtime.
JUSTIFICATION :
Currently (2008), the existing algorithms are not sufficient anymore.
German law enforces higher security for all new digital signatures. I expect similar laws in other countries.
Enlish Info: http://www.bundesnetzagentur.de (English) -> Areas -> Electronic Signature -> Publications and Notifications -> Suitable Algorithms
German Info: http://www.bundesnetzagentur.de -> Sachgebiete -> Qualifizierte Elektronische Signatur ->Veröffentlichungen -> Geeignete Algorithmen
CUSTOMER SUBMITTED WORKAROUND :
The only workaround would be to recompile sunmscapi.jar from the sources.
(As suggested in RFE 6578658)
In the SunMSCAPI-Provider only these signature algorithms are implemented now:
SHA1withRSA
MD5withRSA
MD2withRSA
To create secure digital signatures we need at least:
SHA256withRSA.
New alogithms should be implemented easily, because MSCAPI already supports them. But they are not registered in the provider an cannot be added at runtime.
JUSTIFICATION :
Currently (2008), the existing algorithms are not sufficient anymore.
German law enforces higher security for all new digital signatures. I expect similar laws in other countries.
Enlish Info: http://www.bundesnetzagentur.de (English) -> Areas -> Electronic Signature -> Publications and Notifications -> Suitable Algorithms
German Info: http://www.bundesnetzagentur.de -> Sachgebiete -> Qualifizierte Elektronische Signatur ->Veröffentlichungen -> Geeignete Algorithmen
CUSTOMER SUBMITTED WORKAROUND :
The only workaround would be to recompile sunmscapi.jar from the sources.
(As suggested in RFE 6578658)
- backported by
-
JDK-2184158 Support SHA256 (and higher) in SunMSCAPI
-
- Closed
-
- duplicates
-
-
- Closed
-