RSASSA_PSS (for Certificates)

Bernd Eckenfels ecki at zusammenkunft.net
Fri Jun 9 09:19:18 UTC 2017


Hello,

Are there any plans to support RSA PSS as a Signature algorithm?
https://bugs.openjdk.java.net/browse/JDK-8146293

In the German energy market RSA PSS is used for signing messages, and authorities demand to use it also for certificate signatures (RFC 4055) starting with 2018. This is somewhat paranoid but hey, it's a field requirement.

At the moment BouncyCastle can be used as a Signature provider and if also used to create X509Certificate objects it can even verify the Signature.

BTW: when the BC provider is registered the JDK X509Certificate.verify() finds the RSA PSS OID and uses the BC implementation, however the verification fails for non-standard parameters (which is not uncommon since people try to avoid SHA1 in MGF1) as it does not parse and set the appropriate parameters.

I wonder if the modularity of X509Certificate could be enhanced to allow that? Having an option to extract ParameterSpec from a random signature block would certainly be a nice feature (similar to looking up the algorithm itself by OID)

BTW there was some discussion on PKCS#11 supporting it - I think the Athena PKCS11 lib with their JCOS based IDProtect tokens supports RSAPSS as a mechanism.

But I guess those are three different topics: JCE Signature, X509CertExtension and PKCS11 mechanism.

Gruss
Bernd
--
http://bernd.eckenfels.net
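
The parameter handling the message asks about, as an added example that is not part of the original post and not OpenJDK's own code: RSASSA-PSS-params are DER-encoded, decoded back into a PSSParameterSpec and set on the verifier, and the same signature is then checked against the RFC 4055 defaults. It assumes a JDK whose built-in providers include RSASSA-PSS (Java 11 or later); the class name and the message are constructed for the illustration.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;

public class PssParamsDemo { // hypothetical class name
    // DER-encode RSASSA-PSS-params (RFC 4055), the form carried in a
    // certificate's signatureAlgorithm and returned by getSigAlgParams().
    static byte[] encode(PSSParameterSpec spec) throws GeneralSecurityException, IOException {
        AlgorithmParameters ap = AlgorithmParameters.getInstance("RSASSA-PSS");
        ap.init(spec);
        return ap.getEncoded();
    }

    // Decode the DER parameters and hand them to the verifier before use.
    static boolean verify(PublicKey key, byte[] derParams, byte[] data, byte[] sig)
            throws GeneralSecurityException, IOException {
        AlgorithmParameters ap = AlgorithmParameters.getInstance("RSASSA-PSS");
        ap.init(derParams);
        Signature v = Signature.getInstance("RSASSA-PSS");
        v.setParameter(ap.getParameterSpec(PSSParameterSpec.class));
        v.initVerify(key);
        v.update(data);
        try {
            return v.verify(sig);
        } catch (SignatureException e) {
            return false; // a signature that cannot be decoded counts as a failure
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        byte[] data = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        // Non-default parameters: SHA-256 for both the hash and MGF1.
        PSSParameterSpec sha256 = new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1);
        // RFC 4055 defaults: SHA-1 for both, 20-byte salt.
        PSSParameterSpec sha1 = new PSSParameterSpec("SHA-1", "MGF1", MGF1ParameterSpec.SHA1, 20, 1);
        Signature s = Signature.getInstance("RSASSA-PSS");
        s.setParameter(sha256);
        s.initSign(kp.getPrivate());
        s.update(data);
        byte[] sig = s.sign();
        System.out.println("signed parameters:  " + verify(kp.getPublic(), encode(sha256), data, sig));
        System.out.println("default parameters: " + verify(kp.getPublic(), encode(sha1), data, sig));
    }
}
```

A verifier that ignores the encoded parameters and falls back to the defaults is in the position of the second call, which is the failure mode described for non-default parameters.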

