Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8230978

Add support for RSASSA-PSS Signature algorithm (Java SE 8)

XMLWordPrintable

        PKCS#1 v2.2 (RFC 8017) provides recommendations for the implementation of public-key cryptography based on the RSA algorithm [RSA].

        Existing Java SE security APIs and JDK crypto providers support most but not all algorithms in PKCS#1 and need to be updated to support PKCS#1 v2.2.

        This enhancement was made to Java SE 11. To preserve compatibility with newer platform releases, the Java SE 11 RSASSA-PSS APIs will be backported to Java SE 8.

        Solution
        --------
          - Update all PKCS#1 v2.1 references with the PKCS#1 v2.2 standard and
        its ASN.1 syntax
          - Enhance existing RSA-related classes for supporting RSASSA-PSS keys
        which may contain parameters
          - Add RSASSA-PSS (Probabilistic Signature Scheme) implementation
        support to SunRsaSign provider
          - Add the support of SHA-512/224 and SHA-512/256 digests.
          - Add the support of SHA-512/224 and SHA-512/256 digests to the
            OAEPPadding impl of RSA Cipher implementation in SunJCE provider

        There are 7 changesets that should be backported to provide this
        feature: 2 API and 5 minor bug fixes:

        APIs
        JDK-8146293: Add support for RSASSA-PSS Signature algorithm
        JDK-8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized

        Bug Fixes
        JDK-8214096: sun.security.util.SignatureUtil passes null parameter, so JCE validation fails
        JDK-8216039: TLS with BC and RSASSA-PSS breaks ECDHServerKeyExchange
            Fixes to JDK-8146293 to accommodate Bouncy Castle behavior

        JDK-8225745: NoSuchAlgorithmException exception for SHA256withECDSA with RSASSA-PSS support
            Fix for JDK-8146293 to handle non-null EC parameters

        JDK-8215694: keytool cannot generate RSASSA-PSS certificates

        JDK-8205720: KeyFactory#getKeySpec and translateKey throws NullPointerException with Invalid key

          There are no Sub-Tasks for this issue.

              wetmore Bradford Wetmore
              wetmore Bradford Wetmore
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: