JDK-6501143 : Support for ecdsa-with-Specified AlgorithmIdentifier
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 7
  • Priority: P4
  • Status: Closed
  • Resolution: Won't Fix
  • OS: generic
  • CPU: generic
  • Submitted: 2006-12-06
  • Updated: 2013-10-03
  • Resolved: 2013-10-03
Related Reports
Relates :  
JDK-6414980 - ECC Updates
Description
The ecdsa-with-Specified AlgorithmIdentifier for signatures is unusual in that it encodes the hash algorithm separately in the parameters instead of as part of the main ObjectIdentifier. Special code is required to recognize that and construct the correct algorithm name when verifying e.g. X509Certificate containing such signatures. That code was added to JDK 6 as part of 6414980.

This RFE is used to track a potential backport of that particular issue (but not the larger ECC related changes) to earlier releases.
Comments
No plans to port to JDK 5
03-10-2013
SUGGESTED FIX The changes made in JDK 6 for this issue are (with unrelated changes ommitted): ------- AlgorithmId.java ------- --- /tmp/geta676 Tue Dec 5 18:08:02 2006 +++ /tmp/getb676 Tue Dec 5 18:08:02 2006 @@ -216,6 +216,22 @@ */ public String getName() { String algName = nameTable.get(algid); + if (algName != null) { + return algName; + } + if ((params != null) && algid.equals(specifiedWithECDSA_oid)) { + try { + AlgorithmId paramsId = + AlgorithmId.parse(new DerValue(getEncodedParams())); + String paramsName = paramsId.getName(); + if (paramsName.equals("SHA")) { + paramsName = "SHA1"; + } + algName = paramsName + "withECDSA"; + } catch (IOException e) { + // ignore + } + } return (algName == null) ? algid.toString() : algName; } @@ -631,6 +647,16 @@ public static final ObjectIdentifier sha1WithECDSA_oid = oid(1, 2, 840, 10045, 4, 1); + public static final ObjectIdentifier specifiedWithECDSA_oid = + oid(1, 2, 840, 10045, 4, 3); /** * Algorithm ID for the PBE encryption algorithms from PKCS#5 and
06-12-2006