Details
-
CSR
-
Resolution: Approved
-
P3
-
None
-
behavioral
-
minimal
-
Java API
-
SE
Description
Summary
Update existing security classes and "Java Security Standard Algorithm Names" (see https://docs.oracle.com/javase/10/docs/specs/security/standard-names.html) with PKCS#1 "RSA Cryptography Specifications" version 2.2 (RFC 8017) which obsoletes version 2.1 (RFC 3447)
Problem
PKCS#1 v2.2 (RFC 8017) clarifies some ASN.1 data structures and adds new algorithms. Existing JDK security APIs and crypto providers support most but not all algorithms in PKCS#1 v2.1 and need to be updated to support PKCS#1 v2.2.
Solution
- Update all PKCS#1 v2.1 references with the PKCS#1 v2.2 standard and its ASN.1 syntax
- Enhance existing RSA-related classes for supporting RSASSA-PSS keys which may contain parameters
- Add RSASSA-PSS (Probabilistic Signature Scheme) implementation support to SunRsaSign provider
- Add the support of SHA-512/224 and SHA-512/256 digests to the OAEPPadding impl of RSA Cipher implementation in SunJCE provider
- Update the standard name documentation with RSASSA-PSS
Specification
Please see the attached "webrev8190180.zip" file which contains changes on all public classes and interfaces.
Attachments
Issue Links
- csr of
-
JDK-8146293 Add support for RSASSA-PSS Signature algorithm
-
- Resolved
-
- relates to
-
JDK-8243338 RSSSSA-PSS keys generated from similar KeySpec don't match
-
- Resolved
-