RFR: 8172366: Support SHA-3 based signatures

Xue-Lei Andrew Fan xuelei at openjdk.java.net
Thu Sep 10 16:46:49 UTC 2020


On Thu, 10 Sep 2020 01:58:09 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

> Could someone please help review this RFE?
> 
> Enhance default JDK providers except SunPKCS11 with signatures using SHA-3 family of digests. SunPKCS11 provider will
> be updated separately (JDK-8242332).
> This changes covers SUN, SunRsaSign, and SunEC providers. Changes are straightforward, just add SHA-3 digests to
> various signature algorithms.
> Please review the corresponding CSR as well. It's at: https://bugs.openjdk.java.net/browse/JDK-8252260
> 
> Thanks!
> Valerie

src/java.base/share/classes/sun/security/provider/DSA.java line 56:

> 54:  * TLS among others. RawDSA expects the 20 byte SHA-1 digest as
> 55:  * input via update rather than the original data like other signature
> 56:  * implementations.

As you were already there, do you want to mention the IEEE P1363 format in the class description?  Maybe in the 1st
paragraph in the class spec.

-------------

PR: https://git.openjdk.java.net/jdk/pull/102



More information about the security-dev mailing list