[10] RFR 8166222: Don't treat signed jars with invalid timestamps as unsigned

Sean Mullan sean.mullan at oracle.com
Fri Jul 14 15:20:00 UTC 2017 

Finally getting back to reviewing this update. A few comments:

SignatureFileVerifier.java:

  729                     debug.println("getTimeStamp caught: "+e);

Can you add a more descriptive message here, like: "Exception processing 
timestamp, code will be treated as signed, but not timestamped: ".

Resources.java:

  209         {".CertPath.not.validated.", "[CertPath not validated: "},
  210         {".TSA.CertPath.not.validated.", "[TSA CertPath not 
validated: "},

I think it would be more clear to say "Invalid CertPath". "not 
validated" sounds like keytool didn't even try to validate the path.

Also, I think you should say "certificate chain" instead of "CertPath" 
because that is the term that is used in all the other certificate chain 
messages emitted by keytool.

  265         {"The.tsa.certificate.chain.is.not.validated.reason.1",
  266                 "The TSA certificate chain is not validated. 
Reason: %s"},

s/not validated/invalid/

  275 
{"This.jar.contains.entries.whose.tsa.certificate.chain.is.not.validated.reason.1",
  276                 "This jar contains entries whose TSA certificate 
chain is not validated. Reason: %s"},

s/not/validated/invalid/

  281         {"bad.timestamp.verifying",
  282                 "This jar contains signatures that include an 
invalid timestamp. Without a valid timestamp, users may not be able to 
validate this jar after any of the signer certificates expire (as early 
as %1$tY-%1$tm-%1$td)."},

Can you also include information how to debug this, i.e. "Rerun 
jarsigner with -J-Djava.security.debug=jar for more information."

--Sean

On 5/22/17 11:43 AM, Weijun Wang wrote:
> An updated webrev at
> 
>    http://cr.openjdk.java.net/~weijun/8166222/webrev.01/
> 
> Some more changes:
> 
> - TSA cert chain validation is performed in both verification and 
> signing. The exit code for validation failure when -strict is specified 
> is 64.
> 
> - printCert() and validateCertChain() know about they are dealing with 
> TSA cert chain and do not touch any flag except for 
> tsaChainNotValidated. Code being a little ugly.
> 
> - TSA certs lines added to -verbose -certs.
> 
> BTW, the code change also fixed 
> https://bugs.openjdk.java.net/browse/JDK-8180289.
> 
> Here is an example:
> 
> $ jarsigner -verify -strict ts2.jar -verbose -certs
> 
> s k      75 Mon May 22 22:49:06 CST 2017 META-INF/MANIFEST.MF
> 
>        [entry was signed on 5/22/17, 10:49 PM]
>        >>> Signer
>        X.509, CN=signer (signer)
>        [certificate is valid from 5/22/17, 10:49 PM to 12/8/17, 10:49 PM]
>        X.509, CN=CA (ca)
>        [certificate is valid from 4/12/17, 10:49 PM to 10/29/17, 10:49 PM]
>        >>> TSA
>        X.509, CN=ts
>        [certificate is valid from 5/22/17, 10:49 PM to 12/8/17, 10:49 PM]
>        [ExtendedKeyUsage extension does not support timestamping]
>        [TSA CertPath not validated: Extended key usage does not permit 
> use for TSA server]
> 
>          305 Mon May 22 22:49:08 CST 2017 META-INF/SIGNER.SF
>         3096 Mon May 22 22:51:06 CST 2017 META-INF/SIGNER.RSA
> smk       1 Mon May 22 22:48:56 CST 2017 A
> 
>        [entry was signed on 5/22/17, 10:49 PM]
>        >>> Signer
>        X.509, CN=signer (signer)
>        [certificate is valid from 5/22/17, 10:49 PM to 12/8/17, 10:49 PM]
>        X.509, CN=CA (ca)
>        [certificate is valid from 4/12/17, 10:49 PM to 10/29/17, 10:49 PM]
>        >>> TSA
>        X.509, CN=ts
>        [certificate is valid from 5/22/17, 10:49 PM to 12/8/17, 10:49 PM]
>        [TSA CertPath not validated: Extended key usage does not permit 
> use for TSA server]
> 
> 
>    s = signature was verified
>    m = entry is listed in manifest
>    k = at least one certificate was found in keystore
> 
> - Signed by "CN=signer"
>      Digest algorithm: SHA-256
>      Signature algorithm: SHA256withRSA, 2048-bit key
>    Timestamped by "CN=ts" on Mon May 22 14:49:08 UTC 2017
>      Timestamp digest algorithm: SHA-256
>      Timestamp signature algorithm: SHA1withRSA, 2048-bit key
> 
> jar verified, with signer errors.
> 
> Error:
> This jar contains entries whose TSA certificate chain is not validated. 
> Reason: Extended key usage does not permit use for TSA server
> 
> Thanks
> Max
> 
> 
> On 04/12/2017 11:52 PM, Weijun Wang wrote:
>> Please take a review at
>>
>>     http://cr.openjdk.java.net/~weijun/8166222/webrev.00/
>>
>> The major code change is inside SignatureFileVerifier.java. Now if the 
>> timestamp on a signed jar is invalid (For example, using a weak 
>> algorithm now disabled), the jar file will be treated as a signed jar 
>> without a timestamp. Before this change, it was treated unsigned.
>>
>> In jarsigner/Main.java, I also add a line to validate the TSA cert 
>> chain. If not validated, a warning will be shown which is similar to 
>> the one when signer cert chain is not validated. If -strict is on, 
>> exit code will change too.
>>
>> I also make a small change at
>>
>>     http://cr.openjdk.java.net/~weijun/8166222/root/webrev.00/
>>
>> The executeCommand() method shows more info (mainly stdout and stderr 
>> outputs) than executeProcess().
>>
>> Because of the behavior change and new warnings, this change will need 
>> a Compatibility and Specification Review (CSR). At the moment, please 
>> review the code change first.
>>
>> Thanks
>> Max

More information about the security-dev mailing list