[8u] RFR: 8172404: Tools should warn if weak algorithms are used before restricting them
Severin Gehwolf
sgehwolf at redhat.com
Mon Jan 11 11:35:15 UTC 2021
Hi,

Please review this 8u backport of JDK-8172404, an enhancement to warn
about insecure and soon-to-be-disabled algorithms in security tools.
This patch introduces a new security property,
jdk.security.legacyAlgorithms, and thus requires a CSR. Since Oracle
backported this patch, we are re-using that CSR.

The original patch doesn't apply cleanly so I had to adjust hunks
manually. In order for this backport to apply better, it depends on
JDK-8185934[1] and JDK-8233228[2]. Of particular note are the
differences in jarsigner/Main.java method signJar(). For this backport,
I've moved initialization of a null sigalg a bit earlier in signJar()
by virtue of calling new private static method
getDefaultSignatureAlgorithm(privateKey). This allows one to reason
that sigalg, tSADigestAlg and digestalg will never be null when new
method checkWeakSign() is being called. The former, because of what
I've just explained earlier, the latter two because they are being set
to default values on object construction in contrast to code in JDK
11u.

Bug: https://bugs.openjdk.java.net/browse/JDK-8172404
webrev: https://cr.openjdk.java.net/~sgehwolf/webrevs/JDK-8172404/jdk8/02/webrev/
CSR (approved): https://bugs.openjdk.java.net/browse/JDK-8238640

Testing: keytool/jarsigner tests. Manual testing that warnings are
being printed for weak CA certs in cacerts

Thoughts?

Thanks,
Severin

[1] On review here:
https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-January/013291.html
[2] Reviewed and 8u-Maintainer-approved. Waiting for push:
https://bugs.openjdk.java.net/browse/JDK-8233228
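
Added example (not part of the original message and not code from the JDK patch): a simplified model of the warn-before-restrict idea behind jdk.security.legacyAlgorithms, classifying a signature algorithm and key size against a "legacy" list and a second, already restricted list. The property values, function names and the reduced constraint grammar (algorithm names and "keySize" comparisons only) are assumptions made for illustration.

```python
import re

# Constructed sample values in java.security constraint syntax (assumptions
# for illustration, not the values shipped with the backport).
LEGACY = "SHA1, RSA keySize < 2048, DSA keySize < 2048"
DISABLED = "MD2, MD5, RSA keySize < 1024"

_OPS = {"<": lambda a, b: a < b, "<=": lambda a, b: a <= b,
        "==": lambda a, b: a == b, "!=": lambda a, b: a != b,
        ">=": lambda a, b: a >= b, ">": lambda a, b: a > b}
_RULE = re.compile(r"^([\w-]+)(?:\s+keySize\s*(<=|>=|==|!=|<|>)\s*(\d+))?$")

def parse_constraints(value):
    """Parse 'NAME' and 'NAME keySize OP N' entries; reject any other form."""
    rules = []
    for entry in filter(None, (e.strip() for e in value.split(","))):
        m = _RULE.match(entry)
        if not m:
            raise ValueError(f"unsupported constraint: {entry!r}")
        name, op, size = m.groups()
        rules.append((name.upper().replace("-", ""), op, int(size) if size else None))
    return rules

def decompose(sig_alg):
    """Simplified split of e.g. 'SHA1withRSA' into {'SHA1', 'RSA'}."""
    parts = re.split(r"with|and", sig_alg, flags=re.IGNORECASE)
    return {p.upper().replace("-", "") for p in parts if p}

def matches(rules, sig_alg, key_alg, key_size):
    """True if any name rule or key-size rule applies to this signature/key."""
    names = decompose(sig_alg)
    for name, op, size in rules:
        if op is None and name in names:
            return True
        if op and name == key_alg.upper() and _OPS[op](key_size, size):
            return True
    return False

def classify(sig_alg, key_alg, key_size, legacy=LEGACY, disabled=DISABLED):
    """'reject' if already restricted, 'warn' if only legacy, else 'ok'."""
    if matches(parse_constraints(disabled), sig_alg, key_alg, key_size):
        return "reject"
    if matches(parse_constraints(legacy), sig_alg, key_alg, key_size):
        return "warn"
    return "ok"

if __name__ == "__main__":
    for case in [("SHA1withRSA", "RSA", 2048), ("SHA256withRSA", "RSA", 512)]:
        print(case, classify(*case))  # constructed inputs
```
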