Summary

Add support for creating and verifying JARs signed with the ML-DSA algorithm and the PKCS #7 format as specified in RFC 9882.

Problem

ML-DSA is a post-quantum digital signature algorithm defined in FIPS 204. It can be used for general-purpose signing, including JAR file signatures. RFC 9882 specifies additional requirements for using ML-DSA within the Cryptographic Message Syntax (CMS), which is the PKCS #7 format of the signature block files inside signed JARs.

Solution

Add support for ML-DSA in JAR signing and verification. When the signing key is an ML-DSA key, jarsigner will automatically use the ML-DSA signature algorithm with the same parameter set, so the -sigalg option is not required. If user specifies a -sigalg option but does not match the key algorithm, jarsigner will report an error and fail.

Specification

In the table in Supported Algorithms, add a new row for ML-DSA and add a note

Modern digital signature algorithms such as EdDSA and ML-DSA use the same name for both the key and signature algorithms. Only the signature algorithm with the same name can be used with a given key algorithm. The specific signature parameter set (for example, Ed25519 or Ed448 for EdDSA) is the same as that of the key.

I also take this chance to number the notes to match cells in the table.

The rendered HTML page is attached.