JDK 9 and JCE code signing (where and sha1WithDSA 1024?)
Sean Mullan
sean.mullan at oracle.com
Mon Nov 21 12:48:10 UTC 2016
On 11/20/16 2:57 PM, Bernd Eckenfels wrote:
> Hello,
>
> how will the JCE Provider signing in Java 9 work? Are the jmod files
> signed (I dont see a signature in them in the Windows EA builds)?
Third party JCE providers still need to be signed as a JAR file.
> On the BouncyCastle Crypto mailing list there has been a discussion
> that currently JCE code signing (of Jars) is done with a SHA1 chained
> 1024 bit DSA signature.
>
> https://www.bouncycastle.org/devmailarchive/msg14905.html
>
> Will that change to actually allow SHA-1 to be
> turned off? Does the JAR-path checking security attribute also apply to
> any (possible) JMOD signatures?
>
> Oracle's planned changes do not include as far as I can see any changes
> here. I dont mind much that JCE policy is enforced by an older
> algorithm, but it makes it impossible to globally turn off SHA1 and DSA
> (1024).
This information below is specific to Oracle's JDK, so it is best
discussed in a different forum. In short though, here is some
information you may find useful:
We have recently upgraded Oracle's JCE CA to use stronger algorithms
(SHA-256 and 2048-bit keys). It was released in JDK 8u111, 7u121, 6u131.
More information is here (see "New JCE Code Signing Root CA":
http://www.oracle.com/technetwork/java/javase/8u111-relnotes-3124969.html
You can now request a new JCE code signing certificate that uses
stronger algorithms. However, this certificate will only work on
releases on or after the above releases. Thus, we recommend that if you
do need to support older releases, you keep the signature on the
existing JAR and re-sign it with the new certificate/key -- which means
the resulting signed JAR will have 2 signatures.
--Sean
More information about the security-dev
mailing list