Skip to content

feat: Add PS256 Support#788

Merged
tanya732 merged 2 commits into
masterfrom
feat/add-PS256-support
Jul 13, 2026
Merged

feat: Add PS256 Support#788
tanya732 merged 2 commits into
masterfrom
feat/add-PS256-support

Conversation

@tanya732

@tanya732 tanya732 commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Adds Algorithm.RSA256PSS, RSA384PSS, and RSA512PSS factory methods (each with RSAKeyProvider, RSAPublicKey + RSAPrivateKey, and RSAKey overloads), implementing the RSASSA-PSS signature scheme from RFC 7518 §3.5. Closes Support for PS256 algorithm #659.

  • Non-breaking, purely additive. Existing RS/ES/HS algorithms are unchanged, and the japicmp apiDiff check reports no breaking API changes.

  • Threads an optional AlgorithmParameterSpec through CryptoHelper and RSAAlgorithm. For PSS, this is a PSSParameterSpec configured with:

    • MGF1 using the same digest algorithm
    • Salt length equal to the digest length (32/48/64 bytes)
    • Trailer field 1

    The parameters are applied via Signature.setParameter() during both signing and verification. Existing algorithms continue to pass null, so their behavior is unchanged.

Provider / Java Version Notes

  • Uses the standard JCA algorithm name RSASSA-PSS, resolved through Signature.getInstance(...) using the first registered provider that supports it. No provider-specific detection logic is added.
  • Java 11+
    • RSASSA-PSS is supported natively by the built-in SunRsaSign provider (JDK-8146293).
  • Java 8
    • The built-in JDK providers do not implement RSASSA-PSS.
    • Users must register a provider that supports it (for example, Bouncy Castle).
    • No new runtime (implementation) dependency has been added.
    • Bouncy Castle remains a testImplementation dependency only.

Naming

The new factory methods follow the existing naming convention:

  • RSA256PSS
  • RSA384PSS
  • RSA512PSS

The generated JWT alg header values remain the standard JWS values:

  • PS256
  • PS384
  • PS512

Test Plan

  • Unit tests pass on Java 8, 11, 17, and 21 (testJava8, testJava11, testJava17, testJava21)
  • apiDiff (japicmp) confirms there are no breaking public API changes
  • RSAPSSAlgorithmTest covers:
    • PS256/PS384/PS512 sign/verify round-trips
    • Sign with private key / verify with public key
    • Non-deterministic signatures (randomized salt)
    • Invalid public key rejection
    • Mismatched algorithm rejection (e.g. PS256 token verified with PS384/PS512)
    • Native SunRsaSign provider path (skipped on Java 8 using Assume)
  • README updated with:
    • PS256/PS384/PS512 algorithm table entries
    • Java 8 provider requirement note

@tanya732 tanya732 marked this pull request as ready for review July 10, 2026 14:09
@tanya732 tanya732 requested a review from a team as a code owner July 10, 2026 14:09
@tanya732 tanya732 merged commit 0525762 into master Jul 13, 2026
7 checks passed
@tanya732 tanya732 deleted the feat/add-PS256-support branch July 13, 2026 06:07
@tanya732 tanya732 mentioned this pull request Jul 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Support for PS256 algorithm

2 participants