<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Helvetica Neue";
panose-1:2 0 5 3 0 0 0 2 0 4;}
@font-face
{font-family:Menlo;
panose-1:2 11 6 9 3 8 4 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
code
{mso-style-priority:99;
font-family:"Courier New";}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="#0563C1" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt">Hi,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> Following up here with </span>
<span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">suggested language for the section associated with the</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">*inP1363Format</span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">signatures.
I don’t have write access to the JBS bug as of yet.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-bottom:6.75pt"><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">The ECDSA signature algorithms, as defined by ANSI X9.62, with an output defined in IEEE P1363 format. Both</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">r</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">and</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">s</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">are
encoded as unsigned big-endian integers that have been padded to be equal in length to the curve order. The final encoded signature is the</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">r</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">and</span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">s
</span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">concatenated as</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">r
|| s</span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">, resulting in a byte array that is exactly twice as long as the curve order.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">The DSA signature algorithms, as defined by ANSI X9.62, with an output defined in IEEE P1363 format. Both</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">r</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">and</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">s</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">are
encoded as unsigned big-endian integers that have been padded to be equal in length to the underlying group order</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">q</span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">.
The final encoded signature is the</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">r</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">and</span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">s</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">concatenated
as</span><span style="font-size:11.0pt;font-family:"Helvetica Neue";color:#222222"> </span><span style="font-size:8.5pt;font-family:Menlo;color:#DD1144;border:solid #E1E1E8 1.0pt;padding:2.0pt;background:#F7F7F9">r || s</span><span style="font-size:10.0pt;font-family:"Helvetica Neue";color:#222222">,
resulting in a byte array that is exactly twice as long as the group order.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:black">From: </span></b><span style="color:black">"Jiva, Azeem" <javajiva@amazon.com><br>
<b>Date: </b>Tuesday, December 17, 2019 at 3:43 PM<br>
<b>To: </b>"security-dev@openjdk.java.net" <security-dev@openjdk.java.net><br>
<b>Subject: </b>Incorrect documentation<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
<p class="MsoNormal"><span style="font-size:11.0pt">Security experts,</span><o:p></o:p></p>
<p style="mso-margin-top-alt:6.0pt;margin-right:0in;margin-bottom:6.0pt;margin-left:0in">
<span style="font-family:"Helvetica Neue";color:black">The official<span class="apple-converted-space"> </span>Java Security Standard Algorithm Names<span class="apple-converted-space"> </span>incorrectly documents the<span class="apple-converted-space"> </span></span><code><span style="font-size:10.0pt;color:black">Signature.*withECDSAinP1363Format</span></code><span class="apple-converted-space"><span style="font-family:"Helvetica Neue";color:black"> </span></span><span style="font-family:"Helvetica Neue";color:black">algorithms
as</span><o:p></o:p></p>
<p style="mso-margin-top-alt:6.0pt;margin-right:0in;margin-bottom:6.0pt;margin-left:0in">
<span style="font-family:"Helvetica Neue";color:black">SEQUENCE ::= { r INTEGER, s INTEGER }</span><o:p></o:p></p>
<p style="mso-margin-top-alt:6.0pt;margin-right:0in;margin-bottom:6.0pt;margin-left:0in;caret-color: rgb(0, 0, 0);font-variant-caps: normal;orphans: auto;text-align:start;widows: auto;-webkit-text-size-adjust: auto;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family:"Helvetica Neue";color:black">This is incorrect. The IEEE P1363 Format is defined as<span class="apple-converted-space"> </span><em><span style="font-family:"Helvetica Neue"">concatenating</span></em><span class="apple-converted-space"> </span>the<span class="apple-converted-space"> </span></span><code><span style="font-size:10.0pt;color:black">r</span></code><span class="apple-converted-space"><span style="font-family:"Helvetica Neue";color:black"> </span></span><span style="font-family:"Helvetica Neue";color:black">and<span class="apple-converted-space"> </span></span><code><span style="font-size:10.0pt;color:black">s</span></code><span class="apple-converted-space"><span style="font-family:"Helvetica Neue";color:black"> </span></span><span style="font-family:"Helvetica Neue";color:black">values
(with no ASN.1 encoding, but with appropriate padding). The implementations appear correct. This just appears to be a documentation issue. The documentation for Java 11, 12, and 13 would need to be updated.
</span><o:p></o:p></p>
<p style="mso-margin-top-alt:6.0pt;margin-right:0in;margin-bottom:6.0pt;margin-left:0in">
<span style="font-family:"Helvetica Neue";color:black">I refer you to the Wikipedia page [2], item #7 that has the relevant information</span><o:p></o:p></p>
<p style="mso-margin-top-alt:6.0pt;margin-right:0in;margin-bottom:6.0pt;margin-left:0in">
<span style="font-family:"Helvetica Neue";color:black"> </span><o:p></o:p></p>
<p style="mso-margin-top-alt:6.0pt;margin-right:0in;margin-bottom:6.0pt;margin-left:0in">
<span style="font-family:"Helvetica Neue";color:black">Thank you.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">[1]: <a href="https://docs.oracle.com/en/java/javase/12/docs/specs/security/standard-names.html#signature-algorithms">
https://docs.oracle.com/en/java/javase/12/docs/specs/security/standard-names.html#signature-algorithms</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">[2]: <a href="https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Signature_generation_algorithm">
https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Signature_generation_algorithm</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
</div>
</body>
</html>