RSASSA_PSS (for Certificates)
Bradford Wetmore
bradford.wetmore at oracle.com
Fri Jun 9 22:11:58 UTC 2017
Don't know if you've noticed, but JDK-8146293 is marked as "In Progress".
The companion JSSE bug is: JDK-8166595.
Brad
On 6/9/2017 2:19 AM, Bernd Eckenfels wrote:
> Hello,
>
> Are there any plans to support RSA PSS as a Signature algorithm?
> https://bugs.openjdk.java.net/browse/JDK-8146293
>
> In the German energy market RSA PSS is used for signing messages, and
> authorities demand to use it also for certificate signatures (RFC 4055)
> starting with 2018. This is somewhat paranoid but hey, it's a field
> requirement.
>
> At the moment BouncyCastle can be used as a Signature provider and if
> also used to create X509Certificate objects it can even verify the
> Signature.
>
> BTW: when the BC provider is registered the JDK X509Certificate.verify()
> finds the RSA PSS OID and uses the BC implementation, however the
> verification fails for non-standard parameters (which is not uncommon
> since people try to avoid SHA1 in MGF1) as it does not parse and set the
> appropriate parameters.
>
> I wonder if the modularity of X509Certificate could be enhanced to allow
> that? Having an option to extract ParameterSpec from a random signature
> block would certainly be a nice feature (similar to looking up the
> algorithm itself by OID)
>
> BTW there was some discussion on PKCS#11 supporting it - I think the
> Athena PKCS11 lib with their JCOS based IDProtect tokens supports RSAPSS
> as a mechanism.
>
> But I guess those are three different topics, JCE Signature,
> X509CertExtension and PKCS11 mechanism.
>
> Gruss
> Bernd
> --
> http://bernd.eckenfels.net
>
>
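The parameter problem raised in the quoted message, as an added example (not code from this thread, the JDK or BouncyCastle): a PSS signature made with SHA-256 for both the digest and MGF1 verifies only when the verifier takes its `PSSParameterSpec` from the DER parameters carried with the OID, not from the RFC 4055 defaults. It assumes a JDK whose providers offer `RSASSA-PSS` for both `Signature` and `AlgorithmParameters` (JDK 11 or later); the class name, key and signed bytes are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.*;

public class PssParamsDemo {
    // Verify with an explicit PSSParameterSpec; the JDK's RSASSA-PSS Signature requires one.
    static boolean verify(PublicKey key, PSSParameterSpec spec, byte[] data, byte[] sigBytes) throws Exception {
        Signature v = Signature.getInstance("RSASSA-PSS");
        v.setParameter(spec);
        v.initVerify(key);
        v.update(data);
        return v.verify(sigBytes);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();            // constructed throwaway key
        byte[] tbs = "constructed stand-in for TBSCertificate bytes".getBytes(StandardCharsets.UTF_8);

        // Signer avoids SHA-1 everywhere: SHA-256 digest, MGF1 with SHA-256, 32-byte salt.
        PSSParameterSpec signerSpec =
            new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32, 1);
        Signature s = Signature.getInstance("RSASSA-PSS");
        s.setParameter(signerSpec);
        s.initSign(kp.getPrivate());
        s.update(tbs);
        byte[] sigBytes = s.sign();

        // DER RSASSA-PSS-params (RFC 4055): the form carried next to the OID in a signature
        // block, and what X509Certificate.getSigAlgParams() returns for a certificate.
        AlgorithmParameters enc = AlgorithmParameters.getInstance("RSASSA-PSS");
        enc.init(signerSpec);
        byte[] der = enc.getEncoded();

        // Verifier side: recover the ParameterSpec from the DER bytes instead of assuming defaults.
        AlgorithmParameters dec = AlgorithmParameters.getInstance("RSASSA-PSS");
        dec.init(der);
        PSSParameterSpec parsed = dec.getParameterSpec(PSSParameterSpec.class);

        // RFC 4055 defaults: SHA-1 digest, MGF1 with SHA-1, 20-byte salt.
        PSSParameterSpec defaults =
            new PSSParameterSpec("SHA-1", "MGF1", MGF1ParameterSpec.SHA1, 20, 1);

        System.out.println("parsed params:  " + verify(kp.getPublic(), parsed, tbs, sigBytes));
        System.out.println("default params: " + verify(kp.getPublic(), defaults, tbs, sigBytes));
    }
}
```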