RFR 8242068: Signed JAR support for RSASSA-PSS and EdDSA

Sean Mullan sean.mullan at oracle.com
Fri May 29 19:32:18 UTC 2020


On 5/23/20 4:21 AM, Weijun Wang wrote:
> CSR updated at https://bugs.openjdk.java.net/browse/JDK-8245274  with the full patch on docs.

Good to remove all of the DSA references :) I had a few comments, mostly 
wording suggestions:

- In the Problem section, you should add references to the RFCs.

- Solution section:

RSASSA-RSS and EdDSA keys can be used to signed a JAR file

typo: signed/signed

- Comments on the Specification section:

Some of this wording where you discuss what is going to be done in 
jarsigner and the tool doc seems more like it belongs in the Solution 
section, but it may be ok either way (not sure, I guess Joe will let you 
know if it is an issue).

+RSASSA-PSS  \<= 3072  RSASSA-PSS using SHA-256
+            \<= 7680  RSASSA-PSS using SHA-384
+            \> 7680   RSASSA-PSS using SHA-512

It might be better to be more specific, for example "RSASSA-PSS with the 
SHA-256 message digest algorithm" I used the term "with" as that is the 
word we use in the standard signature algorithm strings.

+pair using `-keyalg EdDSA`, user can specify `-keysize 255` or 
`-keysize 448`

s/user/a user/

+Ed25519 key pair is generated. User can also directly specifies 
`-keyalg Ed25519`

s/User/A user/
s/specifies/specify/

+ By default, the `jarsigner` command signs a JAR file using one of the 
following
+ algorithms files depending on the type and size of the private key:


Not your changes, but there is a grammar error above. I would also 
mention block files, since you have added it to the table, so how about:

"By default, the `jarsigner` command signs a JAR file using the 
following algorithms and block file extension depending on the type and 
size of the private key:"

+will use a new `PSSParameterSpec` parameters that is determined by the 
key's

s/a new/new/

+for keysize \<= 3072 bits, use a `PSSParameterSpec` with SHA-256 as the 
hash

s/use a `PSSParameterSpec`/a `PSSParameterSpec` will be used/

+and MGF1 algorithms; for keysize \<= 7680 bits, use SHA-384; for
+keysize \>= 7680 bits, use SHA-512.

s/use SHA-384/SHA-384 will be used/
s/use SHA-512/SHA-512 will be used/

--Sean




More information about the security-dev mailing list