RFR 8171319: keytool should print out warnings when reading or generating cert/cert req using weak algorithms

Weijun Wang weijun.wang at oracle.com
Thu Feb 23 03:42:28 UTC 2017


Updated again at

    http://cr.openjdk.java.net/~weijun/8171319/webrev.02/

Changes:

1. Combined printWeakWarningsWithoutNewLine() and printWeakWarnings() to 
one method.

2. New X509CRLImpl.toStringWithAlgName(String name).

Nothing more.

Thanks
Max

On 02/15/2017 11:04 PM, Seán Coffey wrote:
> Hi Weijun,
>
> That's looks good to me and will be a big help for keytool usability.
>
> some thoughts :
>
> Main.java : in your printCRL method, would you consider editing the
> X509CRLImpl class to print with a customized string ? It'll make the
> code more resilient to future changes in this area
>
> i.e. something like this in X509CRLImpl :
>
>  public String toString() { printCRL(null); }
>  public String printCRL(String custom) {
>    // transfer the toString() code to here
>    // and allow for 'custom' string to be injected if non-null
>    ..
>   }
>
> in Main.java, I'd suggest an instanceof check for X509CRLImpl before
> calling printCRL(..). Could X509CRL.getSigAlgName() then be used for
> passing into the withWeak method call ?
>
> ===
>
> Also in Main.java, maybe you could reduce
> printWeakWarningsWithoutNewLine and printWeakWarnings() to one method -
> e.g. printWeakWarnings(boolean newline)
>
> ===
>
> Regards,
> Sean.
>
> On 15/02/17 01:16, Weijun Wang wrote:
>> Ping again.
>>
>> Also, must we resolve this one before ZBB?
>>
>> --Max
>>
>> On 02/09/2017 10:26 AM, Weijun Wang wrote:
>>> An update webrev is at
>>>
>>>    http://cr.openjdk.java.net/~weijun/8171319/webrev.01/
>>>
>>> The major change is that every risk warning has a owner now, i.e.
>>> instead of just saying "MD5withRSA is weak", it prints out whose
>>> algorithm is weak. For example:
>>>
>>>    The generated CRL uses the MD5withRSA signature algorithm which is
>>> considered a security risk.
>>>
>>> Please take a look at the output of the newly added regression test at
>>>
>>> http://cr.openjdk.java.net/~weijun/8171319/webrev.01/examples.txt
>>>
>>> Thanks
>>> Max
>>>
>>> On 01/23/2017 06:02 PM, Weijun Wang wrote:
>>>> Hi All
>>>>
>>>> Please take a review at
>>>>
>>>>    http://cr.openjdk.java.net/~weijun/8171319/webrev.00/
>>>>
>>>> Warnings are printed to System.err when weak algorithms/keysizes are
>>>> detected during the execution, this includes input, output, and any
>>>> certs used.
>>>>
>>>> The detection applies to many keytool functions:
>>>>
>>>> - generation of certificate, certificate request, CRL
>>>> - reading (printing, listing, exporting) of above
>>>> - importing of certificate or certificates reply
>>>>
>>>> The behavior of most functions remains unchanged. The only exception is
>>>> "keytool -importcert", where the user must reply to a prompt if weak
>>>> algorithms/keysizes are detected, unless -noprompt is specified on the
>>>> command line.
>>>>
>>>> Warnings are either printed at the end, or before a prompt.
>>>>
>>>> If there are multiple weak points, multiple warnings will be printed.
>>>>
>>>> The detection is based on the security property
>>>> jdk.certpath.disabledAlgorithms.
>>>>
>>>> For example:
>>>>
>>>> $ keytool -genkeypair -alias a -dname CN=a -keyalg RSA -sigalg
>>>> MD5withRSA
>>>>
>>>> Warning:
>>>> The MD5withRSA signature algorithm is considered a security risk.
>>>>
>>>> $ keytool -keystore ks -storepass changeit -keypass changeit -list
>>>>
>>>> Keystore type: JKS
>>>> Keystore provider: SUN
>>>>
>>>> Your keystore contains 3 entries
>>>>
>>>> b, Jan 23, 2017, PrivateKeyEntry,
>>>> Certificate fingerprint (SHA-256):
>>>> D8:46:B7:0B:8B:97:C2:DE:A2:17:62:01:27:82:2B:CE:B1:9B:12:0B:24:D5:47:BF:BD:54:EE:8A:71:29:2B:CE
>>>>
>>>>
>>>>
>>>> a, Jan 23, 2017, PrivateKeyEntry,
>>>> Certificate fingerprint (SHA-256):
>>>> 66:70:DF:11:14:A1:96:58:92:F5:6A:10:09:B1:2F:CC:1C:CC:2D:55:47:1D:EE:74:75:AA:26:63:E4:9D:EA:83
>>>>
>>>>
>>>>
>>>>
>>>> Warning:
>>>> <b>'s 512-bit RSA key is considered a security risk.
>>>> <a>'s MD5withRSA signature algorithm is considered a security risk.
>>>>
>>>> $ keytool -importcert -alias a -file b+a.certs
>>>>
>>>> Warning:
>>>> Reply #2 of 2's 512-bit RSA key is considered a security risk.
>>>>
>>>> Install reply anyway? [no]:no
>>>> Certificate reply was not installed in keystore
>>>>
>>>> Thanks
>>>> Max
>


More information about the security-dev mailing list