RFR[8u41]: MR 3 - ALPN & RSASSA-PSS in Java SE 8

Bradford Wetmore bradford.wetmore at oracle.com
Thu Nov 14 02:05:02 UTC 2019


Xuelei/Valerie (+ any other codereviewers),

As announced on jdk8u-dev[1], there is a Maintenance Release in progress 
for Java SE 8 (i.e. JSR 337) [2] to include two security features 
important for TLS 1.3:

1.  Application-Layer Protocol Negotiation (ALPN) [3][4]
2.  RSA Signature Scheme with Appendix: Probabilistic Signature Scheme 
(RSASSA-PSS) [5][6]

The Enhancement and CSR IDs are footnoted above/below.

To ensure compatibility across the active Java releases, we are 
backporting the APIs introduced in Java SE 9 and 11 respectively to Java 
SE 8.

This email is a Request For Review (RFR) of the two major pieces for 
this MR:

1.  ALPN:
     http://cr.openjdk.java.net/~wetmore/MR3-codereview-8u41/open/ALPN

2.  RSASSA-PSS:
     http://cr.openjdk.java.net/~wetmore/MR3-codereview-8u41/open/PSS

This includes the updates to the Specification and Reference 
Implementation (RI), which will be called JDK 8u41 [7].

Almost all of these changes are direct copies of the changesets applied 
in JDK 9+.

In addition to these features:

1.  The file ADDITIONAL_LICENSE_INFO was added, which is identical to 
the same file in later releases.

2.  Truncated MessageDigests (i.e. SHA-512/224, SHA-512/256) were added 
to the SUN Provider to support the corresponding truncated RSASSA-PSS 
Signatures.

Thanks,

Brad

[1] 
https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-November/010573.html
[2] https://www.jcp.org/en/jsr/detail?id=337
[3] https://bugs.openjdk.java.net/browse/JDK-8230977
[4] https://bugs.openjdk.java.net/browse/JDK-8233417
[5] https://bugs.openjdk.java.net/browse/JDK-8230978
[6] https://bugs.openjdk.java.net/browse/JDK-8233418
[7] http://hg.openjdk.java.net/jdk8u/jdk8u41/


More information about the jdk8u-dev mailing list