- CSR
- Resolution: Approved
- P3
- None
- behavioral
- minimal
- Before this fix, a -sigalg must always be specified for an RSASSA-PSS key. Now it's not necessary.
- add/remove/modify command line option
- JDK
Summary
Define the default signature algorithm of an RSASSA-PSS key for keytool and jarsigner.
Problem
Both keytool and jarsigner fall back to a default signature algorithm when no -sigalg is specified, for example SHA256withRSA for an RSA key. We need to define one for an RSASSA-PSS key.
Currently, an error occurs if -sigalg is not provided:
$ keytool -genkeypair -keyalg rsassa-pss -storepass changeit -dname CN=A
keytool error: java.lang.IllegalArgumentException: Cannot derive signature algorithm from RSASSA-PSS
Solution
The default signature algorithm for an RSASSA-PSS key is RSASSA-PSS.
Specification
diff --git a/closed/src/java.base/share/man/keytool.md b/closed/src/java.base/share/man/keytool.md
--- a/closed/src/java.base/share/man/keytool.md
+++ b/closed/src/java.base/share/man/keytool.md
@@ -1241,16 +1241,17 @@
algorithm (`-sigalg` option) is derived from the algorithm of the underlying
private key to provide an appropriate level of security strength as follows:
-keyalg keysize default sigalg
-------- -------- --------------
-DSA any size SHA256withDSA
-RSA \<= 3072 SHA256withRSA
- \<= 7680 SHA384withRSA
- \> 7680 SHA512withRSA
-EC \< 384 SHA256withECDSA
- \< 512 SHA384withECDSA
- = 512 SHA512withECDSA
-------- -------- --------------
+keyalg keysize default sigalg
+---------- -------- --------------
+DSA any size SHA256withDSA
+RSA \<= 3072 SHA256withRSA
+ \<= 7680 SHA384withRSA
+ \> 7680 SHA512withRSA
+EC \< 384 SHA256withECDSA
+ \< 512 SHA384withECDSA
+ = 512 SHA512withECDSA
+RSASSA-PSS any size RSASSA-PSS
+---------- -------- --------------
**Note:**
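Review bot: The added row `RSASSA-PSS any size RSASSA-PSS` is the only default in this table whose name carries no digest, while the lead-in says the default is derived "to provide an appropriate level of security strength". Every other row shows the hash (SHA256, SHA384, SHA512) chosen per key size; for RSASSA-PSS the hash, mask generation function and salt length are carried in the signature parameters, so the row as written does not tell the reader what strength they get. Suggest a sentence under the table stating which PSS parameters are used when `-sigalg` is omitted and whether they vary with key size.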
diff --git a/closed/src/jdk.jartool/share/man/jarsigner.md b/closed/src/jdk.jartool/share/man/jarsigner.md
--- a/closed/src/jdk.jartool/share/man/jarsigner.md
+++ b/closed/src/jdk.jartool/share/man/jarsigner.md
@@ -226,16 +226,17 @@
By default, the `jarsigner` command signs a JAR file using one of the following
algorithms files depending on the type and size of the private key:
-keyalg keysize default sigalg
-------- -------- --------------
-DSA any size SHA256withDSA
-RSA \<= 3072 SHA256withRSA
- \<= 7680 SHA384withRSA
- \> 7680 SHA512withRSA
-EC \< 384 SHA256withECDSA
- \< 512 SHA384withECDSA
- = 512 SHA512withECDSA
-------- -------- --------------
+keyalg keysize default sigalg
+---------- -------- --------------
+DSA any size SHA256withDSA
+RSA \<= 3072 SHA256withRSA
+ \<= 7680 SHA384withRSA
+ \> 7680 SHA512withRSA
+EC \< 384 SHA256withECDSA
+ \< 512 SHA384withECDSA
+ = 512 SHA512withECDSA
+RSASSA-PSS any size RSASSA-PSS
+---------- -------- --------------
These default signature algorithms can be overridden by using the `-sigalg`
option.
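Review bot: The unchanged lead-in above this table still reads "algorithms files depending on the type and size of the private key"; since the whole table is being re-emitted anyway, drop the stray "files" in the same change. Every existing row is rewritten only to widen the first column, so the substantive change is the single `RSASSA-PSS` row, and this block is now a second identical copy of the keytool.md table. Consider noting in the change how the two copies are kept in step, so a later default does not land in one man page and not the other.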
csr of
- JDK-8248312 Default signature algorithm for an RSASSA-PSS key - Resolved
- JDK-8249025 Default signature algorithm for an RSASSA-PSS key - Resolved