[10] RFR 8166222: Don't treat signed jars with invalid timestamps as unsigned

Weijun Wang weijun.wang at oracle.com
Mon May 22 15:43:49 UTC 2017 

An updated webrev at

   http://cr.openjdk.java.net/~weijun/8166222/webrev.01/

Some more changes:

- TSA cert chain validation is performed in both verification and 
signing. The exit code for validation failure when -strict is specified 
is 64.

- printCert() and validateCertChain() know about they are dealing with 
TSA cert chain and do not touch any flag except for 
tsaChainNotValidated. Code being a little ugly.

- TSA certs lines added to -verbose -certs.

BTW, the code change also fixed 
https://bugs.openjdk.java.net/browse/JDK-8180289.

Here is an example:

$ jarsigner -verify -strict ts2.jar -verbose -certs

s k      75 Mon May 22 22:49:06 CST 2017 META-INF/MANIFEST.MF

       [entry was signed on 5/22/17, 10:49 PM]
       >>> Signer
       X.509, CN=signer (signer)
       [certificate is valid from 5/22/17, 10:49 PM to 12/8/17, 10:49 PM]
       X.509, CN=CA (ca)
       [certificate is valid from 4/12/17, 10:49 PM to 10/29/17, 10:49 PM]
       >>> TSA
       X.509, CN=ts
       [certificate is valid from 5/22/17, 10:49 PM to 12/8/17, 10:49 PM]
       [ExtendedKeyUsage extension does not support timestamping]
       [TSA CertPath not validated: Extended key usage does not permit 
use for TSA server]

         305 Mon May 22 22:49:08 CST 2017 META-INF/SIGNER.SF
        3096 Mon May 22 22:51:06 CST 2017 META-INF/SIGNER.RSA
smk       1 Mon May 22 22:48:56 CST 2017 A

       [entry was signed on 5/22/17, 10:49 PM]
       >>> Signer
       X.509, CN=signer (signer)
       [certificate is valid from 5/22/17, 10:49 PM to 12/8/17, 10:49 PM]
       X.509, CN=CA (ca)
       [certificate is valid from 4/12/17, 10:49 PM to 10/29/17, 10:49 PM]
       >>> TSA
       X.509, CN=ts
       [certificate is valid from 5/22/17, 10:49 PM to 12/8/17, 10:49 PM]
       [TSA CertPath not validated: Extended key usage does not permit 
use for TSA server]


   s = signature was verified
   m = entry is listed in manifest
   k = at least one certificate was found in keystore

- Signed by "CN=signer"
     Digest algorithm: SHA-256
     Signature algorithm: SHA256withRSA, 2048-bit key
   Timestamped by "CN=ts" on Mon May 22 14:49:08 UTC 2017
     Timestamp digest algorithm: SHA-256
     Timestamp signature algorithm: SHA1withRSA, 2048-bit key

jar verified, with signer errors.

Error:
This jar contains entries whose TSA certificate chain is not validated. 
Reason: Extended key usage does not permit use for TSA server

Thanks
Max


On 04/12/2017 11:52 PM, Weijun Wang wrote:
> Please take a review at
> 
>     http://cr.openjdk.java.net/~weijun/8166222/webrev.00/
> 
> The major code change is inside SignatureFileVerifier.java. Now if the 
> timestamp on a signed jar is invalid (For example, using a weak 
> algorithm now disabled), the jar file will be treated as a signed jar 
> without a timestamp. Before this change, it was treated unsigned.
> 
> In jarsigner/Main.java, I also add a line to validate the TSA cert 
> chain. If not validated, a warning will be shown which is similar to the 
> one when signer cert chain is not validated. If -strict is on, exit code 
> will change too.
> 
> I also make a small change at
> 
>     http://cr.openjdk.java.net/~weijun/8166222/root/webrev.00/
> 
> The executeCommand() method shows more info (mainly stdout and stderr 
> outputs) than executeProcess().
> 
> Because of the behavior change and new warnings, this change will need a 
> Compatibility and Specification Review (CSR). At the moment, please 
> review the code change first.
> 
> Thanks
> Max

More information about the security-dev mailing list