JDK-8230978 : Add support for RSASSA-PSS Signature algorithm (Java SE 8)
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P2
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2019-09-13
  • Updated: 2020-06-09
  • Resolved: 2019-11-22
  • JDK 8: 8u251 (Fixed)
  • Other: openjdk8u252 (Fixed)
Related Reports
CSR :  
Sub Tasks
JDK-8231730 :  
Description
PKCS#1 v2.2 (RFC 8017) provides recommendations for the implementation of public-key cryptography based on the RSA algorithm [RSA].

Existing Java SE security APIs and JDK crypto providers support most but not all algorithms in PKCS#1 and need to be updated to support PKCS#1 v2.2.

This enhancement was made to Java SE 11.  To preserve compatibility with newer platform releases, the Java SE 11 RSASSA-PSS APIs will be backported to Java SE 8.

Solution
--------
  - Update all PKCS#1 v2.1 references to the PKCS#1 v2.2 standard and its ASN.1 syntax
  - Enhance existing RSA-related classes to support RSASSA-PSS keys, which may contain parameters
  - Add RSASSA-PSS (Probabilistic Signature Scheme) implementation support to the SunRsaSign provider
  - Add support for SHA-512/224 and SHA-512/256 digests
  - Add support for SHA-512/224 and SHA-512/256 digests to the OAEPPadding implementation of the RSA Cipher in the SunJCE provider

There are 7 changesets that should be backported to provide this 
feature:  2 API and 5 minor bug fixes:

APIs
JDK-8146293: Add support for RSASSA-PSS Signature algorithm
JDK-8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized

Bug Fixes
JDK-8214096: sun.security.util.SignatureUtil passes null parameter, so JCE validation fails
JDK-8216039: TLS with BC and RSASSA-PSS breaks ECDHServerKeyExchange
    Fixes to JDK-8146293 to accommodate Bouncy Castle behavior

JDK-8225745: NoSuchAlgorithmException exception for SHA256withECDSA with RSASSA-PSS support
    Fix for JDK-8146293 to handle non-null EC parameters

JDK-8215694: keytool cannot generate RSASSA-PSS certificates

JDK-8205720: KeyFactory#getKeySpec and translateKey throws NullPointerException with Invalid key
Comments
Here is the complete list of bugs expected to be in Oracle JDK 8u and OpenJDK 8u.

JDK-8230978: Add support for RSASSA-PSS Signature algorithm (Java SE 8)
    The main umbrella bug for the MR.

JDK-8175029: StackOverflowError in X509CRL and X509Certificate.verify(PublicKey, Provider)
    Stability issue.

JDK-8146293: Add support for RSASSA-PSS Signature algorithm
    The main RSASSA-PSS backport.

JDK-8205445: Add RSASSA-PSS Signature support to SunMSCAPI
    Initial attempt to add RSASSA-PSS, some interoperability limitations.

JDK-8205720: KeyFactory#getKeySpec and translateKey throws NullPointerException with Invalid key
JDK-8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized
    Functional issues.

JDK-8213009: Refactoring existing SunMSCAPI classes
    Technical Debt cleanup plus limited CNG support for PSS Signatures/Keys. Also enable ease of subsequent backports (below), and future backports from jdk/jdk.

JDK-8213010: Supporting keys created with certmgr.exe
    Add certmgr (Microsoft Certificate Manager tool) support

JDK-8214096: sun.security.util.SignatureUtil passes null parameter, so JCE validation fails
    Functional issues.

JDK-8215694: keytool cannot generate RSASSA-PSS certificates
    Add RSASSA-PSS to keytool.

JDK-8221407: Windows 32bit build error in libsunmscapi/security.cpp
    Build problem.

JDK-8216039: TLS with BC and RSASSA-PSS breaks ECDHServerKeyExchange
    Interop issue.

JDK-8223003: SunMSCAPI keys are not cleaned up
    Stability issue.

JDK-8223063: Support CNG RSA keys
    Better support for RSASSA-PSS using RSA CNG keys.

JDK-8225745: NoSuchAlgorithmException exception for SHA256withECDSA with RSASSA-PSS support
JDK-8225180: SignedObject with invalid Key not throwing the InvalidKeyException in Windows
    Functional/stability issues.

JDK-8236470: Deal with ECDSA using ecdsa-with-SHA2 plus hash algorithm as AlgorithmId
    allow some certificates which had unusual construction.

JDK-8238502: sunmscapi.dll causing EXCEPTION_ACCESS_VIOLATION
    missing cast was causing crashes on windows-i586 builds.

Additionally, to support the RSASSA-PSS modes involving SHA-512/224 and SHA-512/256, I also backported minimal code in the SUN/SunJCE providers (MessageDigests/MGF1ParameterSpec/OAEPParameters/Signatures) from "JDK-8051408: NIST SP 800-90A SecureRandom implementations". This was done without an additional bugid.
08-02-2020

URL: https://hg.openjdk.java.net/jdk8u/jdk8u41/jdk/rev/6bada58189de
User: wetmore
Date: 2019-11-22 18:53:20 +0000
22-11-2019

Fix Request (8 MR 3)

This is the RSASSA-PSS portion of the announced 8 MR 3. [1] The codereview was done in security-dev/jdk8u-dev [2] [3]

This is a backport of the bugs listed, plus some minor updates due to code reorganization/refactoring, and the addition of the two minor additions listed in the review (ADDITIONAL_LICENSE_INFO and truncated hashes).

[1] https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-November/010573.html
[2] https://mail.openjdk.java.net/pipermail/jdk8u-dev/2019-November/010595.html
[3] https://mail.openjdk.java.net/pipermail/security-dev/2019-November/020900.html
21-11-2019