JDK-6845600 : Add support for rsa-sha256, rsa-sha512 SignatureMethod algorithms to XML DSig implementation
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Affected Version: 6
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: solaris_10
  • CPU: sparc
  • Submitted: 2009-05-27
  • Updated: 2012-10-23
  • Resolved: 2009-09-09
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
6u18 b01Fixed
We should add support for the SHA256withRSA and SHA512withRSA SignatureMethod algorithms to our XML DSig implementation in JDK 6. This is a fairly trivial change that will provide users with stronger signature algorithms in JDK 6. Recent cryptographic analysis has revealed weaknesses in the long term collision resistance of the SHA1 algorithm, so providing these stronger algorithms is important. The underlying JCE support is already there, so this is just a matter of adding a small amount of code.

EVALUATION Yes, we should add these stronger algorithms.