Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8228752

Define standard names for EC curves and TLS signature schemes

    XMLWordPrintable

    Details

    • Type: CSR
    • Status: Closed
    • Priority: P3
    • Resolution: Approved
    • Fix Version/s: 14
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Compatibility Risk:
      minimal
    • Interface Kind:
      Java API, System or security property

      Description

      Summary

      Define standard names for EC curves, TLS named groups and TLS signature schemes.

      Problem

      There are no standard names defined for these algorithms which are used in various APIs and system/security properties. Defining standard names will improve compatibility.

      Solution

      Add 2 new sub-sections to the "Additional JSSE Standard Names" section of the Java Security Standard Algorithm Names specification defining the standard names for TLS Named Groups and Signature Schemes. Also add a table for standard names for elliptic curves (used in the java.security.spec.ECGenParameterSpec API) to the "ParameterSpec Names" section.

      Specification

      See the specification (docs/specs/security/standard-names.html) in the attached "spec.zip" file. The new sections are:

      1. The "ParameterSpec Names" section starting with the text "The ECGenParameterSpec class in the java.security.spec package may be used to specify a set of elliptic curve parameters using the following names." The standard names are: sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1.

      2. The "Signature Schemes" sub-section of "Additional JSSE Standard Names". The standard names are: ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ecdsa_sha1, ed25519, ed448, rsa_pkcs1_sha1, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512.

      3. The "Named Groups" sub-section of "Additional JSSE Standard Names". The standard names are: sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, x25519, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mullan Sean Mullan
              Reporter:
              xuelei Xuelei Fan
              Reviewed By:
              Xuelei Fan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: