Details
-
Bug
-
Resolution: Delivered
-
P4
-
None
-
b24
Description
The Signature::getParameters API can be used by a signer to combine its output along with the signature algorithm OID to create an algorithm identifier so that the verifier has enough info to verify the signature.
According to The ECDSA signature scheme for X.509 at https://datatracker.ietf.org/doc/html/rfc5758#section-3.2,
When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or
ecdsa-with-SHA512 algorithm identifier appears in the algorithm field
as an AlgorithmIdentifier, the encoding MUST omit the parameters
field. That is, the AlgorithmIdentifier SHALL be a SEQUENCE of one
component, the OID ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-
SHA384, or ecdsa-with-SHA512.
Notice the "MUST omit the parameters field" words inside. However, Java's ECDSA impl allows setting parameters and returning it at https://github.com/openjdk/jdk/blob/29e0f1386d247731e8733f6fdd1307642b2b9f96/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java#L530.
According to The ECDSA signature scheme for X.509 at https://datatracker.ietf.org/doc/html/rfc5758#section-3.2,
When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or
ecdsa-with-SHA512 algorithm identifier appears in the algorithm field
as an AlgorithmIdentifier, the encoding MUST omit the parameters
field. That is, the AlgorithmIdentifier SHALL be a SEQUENCE of one
component, the OID ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-
SHA384, or ecdsa-with-SHA512.
Notice the "MUST omit the parameters field" words inside. However, Java's ECDSA impl allows setting parameters and returning it at https://github.com/openjdk/jdk/blob/29e0f1386d247731e8733f6fdd1307642b2b9f96/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java#L530.
Attachments
Issue Links
- csr for
-
JDK-8286982 ECDSA signature should not return parameters
-
- Closed
-
- relates to
-
-
- Closed
-
