JDK-8210755 : Define standard names for EC curves and TLS signature schemes
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2018-09-14
  • Updated: 2019-10-24
  • Resolved: 2019-08-06
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 14
14 b09Fixed
Related Reports
Blocks :  
CSR :  
Relates :  
Relates :  
Relates :  
Relates :  
In the SunJSSE provider, the jdk.tls.namedGroups can be used to customize the supported groups.  But there are no standard names defined for them.  They can also be used in the ECGenParameterSpec API. We should define these named groups in the Standard Names Specification, or document the link to IANA page if the IANA names are used.

Also we are extending the scope of the jdk.tls.disabledAlgorithms security property (see JDK-8226374) to allow you to restrict signature schemes, as specified in the TLS RFCs. We should add a section to the standard names specification listing the standard scheme names.
URL: https://hg.openjdk.java.net/jdk/jdk/rev/a95e92c449bf User: mullan Date: 2019-08-06 13:28:13 +0000

Re-targeting to 14 since we need to fix a bug first which is not critical for 13.

Changed the bug summary to be more specific. This is going to be focused on defining standard curve names for EC keys only right now since that is what is exposed via the standard API (ECGenParameterSpec). The jdk.tls.namedGroups property is JDK-specific (thus other implementations do not have to support it), and also includes names for finite-field groups which are not directly exposed via any standard API that I am aware of.

The list accepted in JSSE (TLS) is: http://hg.openjdk.java.net/jdk/jdk/file/946f7f2d321c/src/java.base/share/classes/sun/security/ssl/NamedGroup.java which were defined in the IANA TLS parameters page: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8

I suggest that we standardize a naming format, rather than a list of names. The definition of strings in that format should be maintained by some standards body, and the provider documentation can list which names are supported. For example, we can say that the standard format is OIDs of the form "". A provider could also support other names/aliases, and list them in its documentation.

Both `keytool -groupname` and `ECGenParameterSpec` also accept non-standard names. For example, both "NIST P-192", "X9.62 prime192v1" are actually "secp192r1". Are we going to officially support them as aliases? Also, these names always have an org name as a prefix. Shall we keep them?

We would probably want to make this a standard property (and not implementation-specific) if we were going to standardize the names. Or introduce a new standard API for setting/getting the groups, see https://bugs.openjdk.java.net/browse/JDK-8080704.