RFR 8130132: jarsigner should emit warning if weak algorithms or keysizes are used

Sean Mullan sean.mullan at oracle.com
Fri Nov 20 21:29:45 UTC 2015


This looks good, just a few comments:

KeyStoreUtil:

79         if (!ca.getSubjectDN().equals(end.getIssuerDN())) {

Use getSubjectX500Principal instead of getSubjectDN as the DN matching 
algorithm is more precise.

Resources:

246                 "The %1$s algorithm used as %2$s is considered a 
security risk."},

I would add a few more words to this:

"The %1$s algorithm specified for the %2$s option is considered a 
security risk."

We should also enhance the jarsigner doc to include these warnings.

--Sean

On 11/18/2015 01:23 AM, Wang Weijun wrote:
> Hi All
>
> Please take a look at
>
>     http://cr.openjdk.java.net/~weijun/8130132/webrev.00/
>
> These new warnings will be added to jarsigner:
>
>    The signer's certificate is self-signed.
>    This jar contains entries whose signer certificate is self-signed.
>    The %1$s algorithm used as %2$s is considered a security risk.
>
> For the last one, %1$s is the algorithm name (For example, MD5), %2$s is the option name which is one of "-digestalg", "-sigalg", and "-tsadigestalg".
>
> Also, two existing warning messages
>
>    The signer's certificate chain is not validated.
>    This jar contains entries whose certificate chain is not validated.
>
> will be updated to
>
>    The signer's certificate chain is not validated. Reason: %s
>    This jar contains entries whose certificate chain is not validated. Reason: %s
>
> where %s will be the getLocalizedMessage() value of the exception caught in certificate chain validation.
>
> Thanks
> Max
>
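To show why the X500Principal comparison recommended above is the safer choice, and how the positional %1$s/%2$s arguments of the new message behave, here is an added illustration that is not part of this thread or of the jarsigner webrev; the weak-algorithm list and the helper names are assumptions made for the demo only:

```java
import javax.security.auth.x500.X500Principal;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

public class DnMatchAndWarnings {

    // Assumed weak-digest list for the demo; the thread only names MD5 as an example.
    static final Set<String> WEAK_ALGS = new HashSet<>(Arrays.asList("MD2", "MD5"));

    // Message text proposed in the review. %1$s and %2$s are positional, so a
    // translator can reorder the algorithm and the option name freely.
    static final String WEAK_ALG_MSG =
        "The %1$s algorithm specified for the %2$s option is considered a security risk.";

    // Returns the warning for one option, or null when the algorithm is not flagged.
    static String weakAlgWarning(String alg, String option) {
        String key = alg.toUpperCase().replace("-", "");
        return WEAK_ALGS.contains(key) ? String.format(WEAK_ALG_MSG, alg, option) : null;
    }

    // Issuer/subject link check done the way the review recommends: X500Principal
    // equality compares the CANONICAL form (lowercased attribute values, collapsed
    // whitespace), so names encoded differently by different tools still match.
    static boolean issuedBy(X500Principal endIssuer, X500Principal caSubject) {
        return caSubject.equals(endIssuer);
    }

    public static void main(String[] args) {
        // Constructed DNs: the same name written two ways.
        X500Principal caSubject = new X500Principal("CN=Demo CA, O=Example Org, C=US");
        X500Principal endIssuer = new X500Principal("cn=demo ca,o=Example   Org,c=US");

        // A plain string comparison of the RFC 2253 forms fails on case/whitespace.
        System.out.println("string equal:    " + caSubject.getName().equals(endIssuer.getName()));
        // The canonical comparison used by X500Principal.equals() succeeds.
        System.out.println("canonical equal: " + issuedBy(endIssuer, caSubject));
        System.out.println("canonical form:  " + caSubject.getName(X500Principal.CANONICAL));

        System.out.println(weakAlgWarning("MD5", "-digestalg"));
        System.out.println(weakAlgWarning("SHA256", "-sigalg")); // null: not flagged
    }
}
```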