RFR: 8281561: Disable http DIGEST mechanism with MD5 by default
Michael McMahon
michaelm at openjdk.java.net
Mon Mar 7 12:24:08 UTC 2022
On Sat, 5 Mar 2022 15:07:15 GMT, Jaikiran Pai <jpai at openjdk.org> wrote:
>> Hi,
>>
>> Could I get the following change reviewed please, which is to disable the MD5 message digest algorithm by default in the HTTP Digest authentication mechanism? The algorithm can be opted into by setting a new system property "http.auth.digest.reEnabledAlgs" to include the value MD5. The change also updates the Digest authentication implementation to use some of the more secure features defined in RFC7616, such as username hashing and additional digest algorithms like SHA256 and SHA512-256.
>>
>> - Michael
>
> src/java.base/share/classes/sun/net/www/protocol/http/DigestAuthentication.java line 514:
>
>> 512: if (getAuthType() == AuthCacheValue.Type.Server &&
>> 513: getProtocolScheme().equals("https")) {
>> 514: // HTTPS server authentication can use any algorithm
>
> Hello Michael,
> Should it be noted somewhere in the text of the linked CSR that the property values play no role if the request URL's scheme is HTTPS (and proxy isn't involved)?
>
> As a related question - should the implementation even bother about this HTTP vs HTTPS protocol check? As far as I understand, the reason why we are proposing to disable support for MD5 is because of its cryptographic weakness/vulnerabilities. So irrespective of whether or not the computed MD5 (or any other disabled algorithm) digest value gets transferred over HTTP or HTTPS, the value would still be cryptographically vulnerable, wouldn't it?
The distinction may be worth mentioning in the CSR and the docs. The distinction is useful because, like Basic authentication, which is completely insecure with plaintext HTTP, it is secure and a potentially useful web authentication scheme controlled by the browser when run over HTTPS (except when authenticating with HTTPS to a proxy).
-------------
PR: https://git.openjdk.java.net/jdk/pull/7688
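An added Java sketch, not the JDK's DigestAuthentication code, that mirrors the quoted scheme check (HTTPS server authentication may use any algorithm, otherwise a disabled algorithm needs the opt-in property) and computes an RFC 7616 response and userhash with SHA-256; it assumes Java 17+ for HexFormat, and the class and method names, the disabled-algorithm set and the sample credentials and nonces are assumptions/constructed values.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HexFormat;
import java.util.List;
import java.util.Set;

public class DigestPolicyExample {
    // Digest algorithms disabled by default in this sketch (the PR disables MD5).
    static final Set<String> DISABLED_BY_DEFAULT = Set.of("MD5");
    // Mirrors the quoted check: server authentication over HTTPS may use any
    // algorithm; otherwise a disabled algorithm is accepted only if it was
    // re-enabled through http.auth.digest.reEnabledAlgs.
    static boolean algorithmAllowed(String scheme, boolean proxyAuth, String alg,
                                    Set<String> reEnabled) {
        if (!proxyAuth && "https".equals(scheme)) return true;
        return !DISABLED_BY_DEFAULT.contains(alg) || reEnabled.contains(alg);
    }
    // RFC 7616 userhash: send H(username ":" realm) instead of the clear username.
    static String userHash(String jcaAlg, String user, String realm) {
        return hash(jcaAlg, user + ":" + realm);
    }
    // RFC 7616 response, qop=auth: H(H(A1) ":" nonce ":" nc ":" cnonce ":" qop ":" H(A2))
    // with A1 = user ":" realm ":" password and A2 = method ":" uri.
    static String response(String jcaAlg, String user, String realm, String password,
                           String method, String uri, String nonce, String nc, String cnonce) {
        String ha1 = hash(jcaAlg, user + ":" + realm + ":" + password);
        String ha2 = hash(jcaAlg, method + ":" + uri);
        return hash(jcaAlg, ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":auth:" + ha2);
    }
    // Lower-case hex digest, as the Digest scheme requires (JCA "SHA-512/256" is the token SHA-512-256).
    static String hash(String jcaAlg, String data) {
        try {
            byte[] d = MessageDigest.getInstance(jcaAlg).digest(data.getBytes(StandardCharsets.UTF_8));
            return HexFormat.of().formatHex(d);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException("unsupported digest algorithm: " + jcaAlg, e);
        }
    }
    public static void main(String[] args) {
        String prop = System.getProperty("http.auth.digest.reEnabledAlgs", "");
        Set<String> reEnabled = Set.copyOf(List.of(prop.trim().split("\\s*,\\s*")));
        System.out.println("http  + MD5: " + algorithmAllowed("http", false, "MD5", reEnabled));
        System.out.println("https + MD5: " + algorithmAllowed("https", false, "MD5", reEnabled));
        // Constructed sample challenge values, not taken from any real server.
        System.out.println(response("SHA-256", "alice", "example.test", "s3cret", "GET",
                "/secure/", "dcd98b7102dd2f0e8b11d0f600bfb0c093", "00000001", "0a4f113b"));
    }
}
```

Run with `-Dhttp.auth.digest.reEnabledAlgs=MD5` to see the plain-HTTP MD5 case flip from rejected to allowed.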
More information about the net-dev mailing list