Security provider self-integrity checking changes in JDK 9.0?

Bradford Wetmore bradford.wetmore at oracle.com
Tue Sep 25 21:47:50 UTC 2018 


On 9/25/2018 2:14 PM, John Gray wrote:
> Hello,
> 
> We have a couple questions regarding Jar verification in Java 9 (and later)

...deleted...

> There is no mention of the self-integrity checking in this section?    
> There doesn’t seem to be an explanation as to why it was removed?

The self-interity requirement check was necessary for very early 
versions of JCE when crypto regulations were different, but is no longer 
necessary.  IIRC, we left the guidance in because some folks were still 
targeting those ancient versions along with JDK 6/7.  But with the docs 
cleanup in 9, we removed some of the old obsolete information like that.

---begin---
IMPORTANT NOTE: In the unbundled version of JCE 1.2.x, (used with JDKs 
1.2.x and 1.3.x), providers needed to include code to authenticate the 
JCA framework to assure themselves of the integrity and authenticity of 
the JCA that they plugged into. In JDK 6 and later, this is no longer 
necessary.
---end---

Thanks,

Brad



> In Section 8.2, it briefly mentions self-integrity checking:
> 
> Step 8.2: Set Provider Permissions
> 
> Permissions 
> <https://docs.oracle.com/javase/9/security/java-security-overview1.htm#GUID-7A49C00B-BEA6-4050-9E32-6168211585F7> 
> must be granted for when applications are run while a security manager 
> is installed. A security manager may be installed for an application 
> either through code in the application itself or through a command-line 
> argument.
> 
>  1. Your provider may need the following permissions granted to it in
>     the client environment:
>       * java.lang.RuntimePermission to get class protection domains. The
>         provider may need to get its own protection domain in the
>         process of doing self-integrity checking.
>       * java.security.SecurityPermission to set provider properties.
> 
> So we are just wondering if something has changed in JDK 9 (and later) 
> that makes the self-integrity check by a security provider 
> unnecessary.   If it has been changed, could we get information as to 
> what has changed and why it changed?
> 
> Thanks so much
> 
> John Gray
> 
> Entrust Datacard
>

More information about the security-dev mailing list