JDK-8236470 : Deal with ECDSA using ecdsa-with-SHA2 plus hash algorithm as AlgorithmId
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 8,11,14
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2019-12-21
  • Updated: 2022-07-12
  • Resolved: 2019-12-24
  • JDK 11: 11.0.8 Fixed
  • JDK 13: 13.0.4 Fixed
  • JDK 14: 14 b30 Fixed
  • JDK 15: 15 Fixed
  • JDK 8: 8u251 Fixed
  • Other: openjdk8u252 Fixed
Description
Some certificates use ecdsa-with-SHA2 as the signature algorithm and specify the hash algorithm in parameters. For example, SHA384withECDSA is:

0238:001A  [1]     SEQUENCE
023A:0009  [10]         OID 1.2.840.10045.4.3 (ecdsaWithSpecified)
0243:000F  [11]         SEQUENCE
0245:000B  [110]             OID 2.16.840.1.101.3.4.2.2 (sha-384)
0250:0002  [111]             NULL

The parameters here are treated as EC parameters (normally used to specify a named curve) and an exception will be thrown.

An earlier draft of ECDSA at https://tools.ietf.org/html/draft-ietf-pkix-sha2-dsa-ecdsa-04#section-3.2.3 mentioned it with "Conforming CA implementations MUST NOT specify the ecdsa-with-Specified OID when encoding certificates and CRLs" and suggested "conforming client implementations MAY recognize" it, but even this line was removed in the final version at https://tools.ietf.org/html/rfc5758 and this OID is never documented anywhere.
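
The encoding described above, as an added example that is not part of the original bug report or the JDK fix: a minimal DER reader that maps both the ecdsa-with-Specified form from the dump and the RFC 5758 form to a JCA signature name, and flags which form was used. The function names and the hand-encoded sample bytes are constructed for illustration.

```python
# Added example, not JDK code: classify an ECDSA signature AlgorithmIdentifier.
ECDSA_WITH_SPECIFIED = "1.2.840.10045.4.3"
# RFC 5758 OIDs (hash named by the OID, parameters absent), then NIST SHA-2 OIDs.
ECDSA_WITH_SHA2 = {ECDSA_WITH_SPECIFIED + s: n + "withECDSA" for s, n in
                   ((".1", "SHA224"), (".2", "SHA256"), (".3", "SHA384"), (".4", "SHA512"))}
HASH_OIDS = {"2.16.840.1.101.3.4.2" + s: n for s, n in
             ((".4", "SHA224"), (".1", "SHA256"), (".2", "SHA384"), (".3", "SHA512"))}

def read_tlv(buf, pos, want_tag):
    """Return (value, next_pos) of the DER element at pos, checking its tag."""
    tag, length = buf[pos:pos + 2]  # unpacking raises ValueError if the header is truncated
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if tag != want_tag or pos + length > len(buf):
        raise ValueError(f"bad or truncated element, tag {tag:#04x}")
    return buf[pos:pos + length], pos + length

def decode_oid(body):
    arcs, value = [], 0
    for b in body:  # base-128, high bit set on all but the last byte of an arc
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, value = arcs + [value], 0
    if not arcs:
        raise ValueError("empty OID")
    first = min(arcs[0] // 40, 2)  # the first encoded value packs the first two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def classify(alg_id_der):
    """Return (JCA signature name, True if ecdsa-with-Specified was used)."""
    body, _ = read_tlv(alg_id_der, 0, 0x30)
    oid_body, pos = read_tlv(body, 0, 0x06)
    oid = decode_oid(oid_body)
    if oid in ECDSA_WITH_SHA2:
        return ECDSA_WITH_SHA2[oid], False
    if oid != ECDSA_WITH_SPECIFIED:
        raise ValueError("not an ECDSA-with-SHA2 AlgorithmIdentifier: " + oid)
    hash_alg, _ = read_tlv(body, pos, 0x30)  # parameters = hash AlgorithmIdentifier
    hash_oid, _ = read_tlv(hash_alg, 0, 0x06)
    name = HASH_OIDS.get(decode_oid(hash_oid))
    if name is None:
        raise ValueError("unsupported hash in ecdsa-with-Specified parameters")
    return name + "withECDSA", True

# Constructed bytes: the dump from the description, and RFC 5758 ecdsa-with-SHA384.
SPECIFIED_SHA384 = bytes.fromhex("301806072a8648ce3d0403300d06096086480165030402020500")
STANDARD_SHA384 = bytes.fromhex("300a06082a8648ce3d040303")
```

Running `classify` over the signature AlgorithmIdentifier of each certificate in a trust store or chain shows which ones depend on the ecdsa-with-Specified form and would fail on a JDK without this fix.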
Comments
Fix request (13u) Requesting backport to 13u for parity with 11u, applies cleanly.
02-06-2020

Fix request (11u) This bug affects JDK-11. It has been already fixed in JDK-8 (for parity with Oracle's JDK) and JDK-15. Patch applies cleanly. I've not found any regression in jdk/sun/security/x509 testing category (31 passed).
17-04-2020

URL: https://hg.openjdk.java.net/jdk/jdk14/rev/d54ce919da90 User: weijun Date: 2019-12-24 23:18:18 +0000
24-12-2019