RFR: 8284553: Deprecate the DEFAULT static field of OAEPParameterSpec

Michael StJohns mstjohns at comcast.net
Tue Apr 12 02:46:31 UTC 2022 

On 4/11/2022 9:34 PM, Valerie Peng wrote:
> This trivial change is to deprecate the DEFAULT static field of OAEPParameterSpec class. Wordings are mostly the same as the previous PSSParameterSpec deprecation change. Rest are just minor code re-factoring.
>
> The CSR will be filed once review is somewhat finished.
>
> Thanks,
> Valerie
>
> -------------
>
> Commit messages:
>   - 8284553: Deprecate the DEFAULT static field of OAEPParameterSpec
>
> Changes:https://git.openjdk.java.net/jdk/pull/8191/files
>   Webrev:https://webrevs.openjdk.java.net/?repo=jdk&pr=8191&range=00
>    Issue:https://bugs.openjdk.java.net/browse/JDK-8284553
>    Stats: 42 lines in 1 file changed: 13 ins; 10 del; 19 mod
>    Patch:https://git.openjdk.java.net/jdk/pull/8191.diff
>    Fetch: git fetchhttps://git.openjdk.java.net/jdk  pull/8191/head:pull/8191
>
> PR:https://git.openjdk.java.net/jdk/pull/8191

Hi Valerie -

I think deprecating DEFAULT  is wrong.  RFC8017 still has this definition:

> RSAES-OAEP-params ::= SEQUENCE {
>         hashAlgorithm      [0] HashAlgorithm     DEFAULT sha1,
>         maskGenAlgorithm   [1] MaskGenAlgorithm  DEFAULT mgf1SHA1,
>         pSourceAlgorithm   [2] PSourceAlgorithm  DEFAULT pSpecifiedEmpty
>     }
and DEFAULT is what you should be getting if you see an empty sequence 
in the param field.  It's DEFAULT in ASN1 terms, not DEFAULT in terms of 
what you should use going forward  to create signatures, and the ASN1 
DEFAULT won't change.

In any event, I can't find where RFC8017 says anything about deprecating 
the defaults.  AFAICT, although there's general guidance to go away from 
SHA1,  the math suggests that SHA1 is still sufficient for OAEP,  and 
there's no guidance specific to OAEP's use of SHA1 that I can find other 
than the requirement in NIST SP800-56B rev 2 to use "Approved Hash 
Functions" for OAEP. If there's a section in 8017 that you're looking at 
for this guidance that I missed, you may want to update your comment to 
point to it.

Take care - Mike


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20220411/aaa5d423/attachment.htm>

More information about the security-dev mailing list