-
Type:
Bug
-
Resolution: Duplicate
-
Priority:
P4
-
None
-
Affects Version/s: 7
-
Component/s: security-libs
-
None
Back in PKCS #7 1.5 (https://tools.ietf.org/html/rfc2315#section-9.2), this field contains a digestAlgorithm and a digestEncryptionAlgorithm, and we use SHA-1 and RSA.
Then in CMS (https://tools.ietf.org/html/rfc2630#section-5.3), the 2nd field is renamed to signatureAlgorithm although https://tools.ietf.org/html/rfc2630#section-12.2.2 still claims RSA is a signature algorithm (Attention: not SHA1withRSA).
Then in the ECC CMS (https://tools.ietf.org/html/rfc5753#section-2.1.1), “signatureAlgorithm contains the signature algorithm identifier (see Section 7.1.3): ecdsa-with-SHA1,…” (i.e. SHA1withECDSA). However, Java is still using only the key algorithm EC as digestEncryptionAlgorithm (we never renamed the field).
Then in CMS (https://tools.ietf.org/html/rfc2630#section-5.3), the 2nd field is renamed to signatureAlgorithm although https://tools.ietf.org/html/rfc2630#section-12.2.2 still claims RSA is a signature algorithm (Attention: not SHA1withRSA).
Then in the ECC CMS (https://tools.ietf.org/html/rfc5753#section-2.1.1), “signatureAlgorithm contains the signature algorithm identifier (see Section 7.1.3): ecdsa-with-SHA1,…” (i.e. SHA1withECDSA). However, Java is still using only the key algorithm EC as digestEncryptionAlgorithm (we never renamed the field).
- duplicates
-
JDK-8242068 Signed JAR support for RSASSA-PSS and EdDSA
-
- Resolved
-