Incorrect documentation

Jiva, Azeem javajiva at amazon.com
Tue Dec 17 23:43:32 UTC 2019


Security experts,

  The official Java Security Standard Algorithm Names incorrectly documents the Signature.*withECDSAinP1363Format algorithms as

SEQUENCE ::= { r INTEGER, s INTEGER }

This is incorrect. The IEEE P1363 Format is defined as concatenating the r and s values (with no ASN.1 encoding, but with appropriate padding). The implementations appear correct. This just appears to be a documentation issue.  The documentation for Java 11, 12, and 13 would need to be updated.

I refer you to the Wikipedia page [2], item #7 that has the relevant information



Thank you.


[1]:  https://docs.oracle.com/en/java/javase/12/docs/specs/security/standard-names.html#signature-algorithms
[2]: https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Signature_generation_algorithm

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20191217/f2b13680/attachment.htm>


More information about the security-dev mailing list