Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8228752

Define standard names for EC curves and TLS signature schemes

    XMLWordPrintable

Details

    • CSR
    • Resolution: Approved
    • P3
    • 14
    • security-libs
    • None
    • minimal
    • Java API, System or security property

    Description

      Summary

      Define standard names for EC curves, TLS named groups and TLS signature schemes.

      Problem

      There are no standard names defined for these algorithms which are used in various APIs and system/security properties. Defining standard names will improve compatibility.

      Solution

      Add 2 new sub-sections to the "Additional JSSE Standard Names" section of the Java Security Standard Algorithm Names specification defining the standard names for TLS Named Groups and Signature Schemes. Also add a table for standard names for elliptic curves (used in the java.security.spec.ECGenParameterSpec API) to the "ParameterSpec Names" section.

      Specification

      See the specification (docs/specs/security/standard-names.html) in the attached "spec.zip" file. The new sections are:

      1. The "ParameterSpec Names" section starting with the text "The ECGenParameterSpec class in the java.security.spec package may be used to specify a set of elliptic curve parameters using the following names." The standard names are: sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1.

      2. The "Signature Schemes" sub-section of "Additional JSSE Standard Names". The standard names are: ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ecdsa_sha1, ed25519, ed448, rsa_pkcs1_sha1, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512.

      3. The "Named Groups" sub-section of "Additional JSSE Standard Names". The standard names are: sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, secp224r1, secp256k1, secp256r1, secp384r1, secp521r1, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, x25519, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192.

      Attachments

        Issue Links

          csr of

          Enhancement - null JDK-8210755 Define standard names for EC curves and TLS signature schemes

          • P3 - Major loss of function.
          • Resolved

          Activity

            People

              mullan Sean Mullan
              xuelei Xuelei Fan
              Xuelei Fan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: