Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8252377

Incorrect encoding for EC AlgorithmIdentifier

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • P3
    • Resolution: Fixed
    • 8-pool, 11-pool, 11-pool-oracle
    • 16
    • security-libs
    • None

    Description

      The AlgorithmIdentifier for ECDSA should omit the parameters field. See https://tools.ietf.org/html/rfc5758#section-3.2 :

         When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or
         ecdsa-with-SHA512 algorithm identifier appears in the algorithm field
         as an AlgorithmIdentifier, the encoding MUST omit the parameters
         field.

      However, the JDK encodes the parameters as NULL. The bug is in sun.security.x509.AlgorithmId.derEncode()

      Attachments

        Issue Links

          csr for

          CSR - null JDK-8253912 Incorrect encoding for EC AlgorithmIdentifier

          • P3 - Major loss of function.
          • Closed
          duplicates

          Bug - A problem which impairs or prevents the functions of the product. JDK-8246201 XEC AlgorithmId uses NULL as parameters

          • P4 - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          links to

          Commit Commit openjdk/jdk/0e855fe5

          Review Review openjdk/jdk/312

          Activity

            People

              hchao Haimay Chao
              mullan Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: