RFR [13] JDK-8226374 Restric signature algorithms and named groups
Xuelei Fan
xuelei.fan at oracle.com
Mon Jul 8 16:30:31 UTC 2019
On 7/8/2019 8:45 AM, Sean Mullan wrote:
> A couple of comments/questions so far (not done reviewing)
>
> - Please change all instances of "Restric" to "Restrict" (proper
> spelling) in the bug summary and names of tests, etc.
>
I will do it.
> - It looks like you have enhanced jdk.tls.disabledAlgorithms to allow
> you to restrict named groups. I think that would make this an RFE, which
> will require a CSR and special approval to get into JDK 13. Do you
> really need this to implement the fix?
Named groups are part of the signature algorithms for TLS 1.3. For
example, for the signature algorithm ecdsa_secp256r1_sha256, "secp256r1" is
the named group part. It is simple to restrict named groups and
signature algorithms in one update.
We can go as an RFE for JDK 14. But I would prefer to have it in JDK 13
so that applications could disable RSASSA-PSS and the certificate
selection could be more robust.
As this does not change the public APIs and specs, I think it might be
fine to go with a bug fix for JDK 13 without a CSR.
> If not, I would separate that
> part out and target it to JDK 14. Also, why haven't you updated the
> definition of jdk.tls.disabledAlgorithms to include named groups?
>
The named groups will be documented in the Standard Algorithms
Documentation. I think it is sufficient.
I'm fine with making it an RFE in JDK 14 if you want a CSR. We could
backport it later if necessary.
Thanks,
Xuelei
> Thanks,
> Sean
>
> On 7/7/19 11:00 PM, Xuelei Fan wrote:
>> ping ...
>>
>> On 6/28/2019 1:41 PM, Xuelei Fan wrote:
>>> Hi,
>>>
>>> Could I get the following update reviewed?
>>> http://cr.openjdk.java.net/~xuelei/8226374/webrev.00/
>>>
>>> During handshaking, the selection of signature algorithms was not
>>> checked against the algorithm constraints. Then the available signature
>>> algorithms may be ignored if a restricted algorithm gets selected.
>>> The connection should be able to be established as there are
>>> available algorithms.
>>>
>>> Within this update, more algorithm constraints checks are
>>> introduced in the signature algorithms and named groups code.
>>>
>>> The significant changes are in NamedGroup.java and
>>> SignatureScheme.java, in order to introduce the checking and
>>> algorithm parameters and specs.
>>>
>>> Thanks,
>>> Xuelei
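To illustrate the kind of check the thread describes (filtering TLS 1.3 signature schemes, including their named group component, against a disabled-algorithms set before one is selected), here is an added example. It is not the JDK's own code from the webrev: the scheme list, its component names and the disabled set are constructed, and the `Set<String>` stands in for a parsed `jdk.tls.disabledAlgorithms` value.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

/** Illustration only: constraint checking on TLS 1.3 signature schemes (not JDK code). */
public class SignatureSchemeFilter {

    /** One signature scheme split into the parts a constraint can name (constructed). */
    record Scheme(String name, String signatureAlgorithm, String namedGroup, String hash) {}

    // Constructed candidate list, in local preference order.
    static final List<Scheme> CANDIDATES = List.of(
        new Scheme("rsa_pss_rsae_sha256", "RSASSA-PSS", null, "SHA-256"),
        new Scheme("ecdsa_secp256r1_sha256", "ECDSA", "secp256r1", "SHA-256"),
        new Scheme("ecdsa_secp384r1_sha384", "ECDSA", "secp384r1", "SHA-384"),
        new Scheme("rsa_pkcs1_sha256", "RSA", null, "SHA-256"));

    /** Pre-fix behaviour described in the thread: pick the preferred scheme unchecked. */
    static Scheme selectUnchecked(List<Scheme> candidates) {
        return candidates.get(0);
    }

    /**
     * Keeps only schemes none of whose components is disabled. The named group is
     * checked too, so disabling "secp256r1" drops ecdsa_secp256r1_sha256 while
     * ecdsa_secp384r1_sha384 stays available.
     */
    static List<Scheme> permitted(List<Scheme> candidates, Set<String> disabled) {
        List<Scheme> result = new ArrayList<>();
        for (Scheme s : candidates) {
            boolean blocked = disabled.contains(s.signatureAlgorithm())
                    || disabled.contains(s.hash())
                    || (s.namedGroup() != null && disabled.contains(s.namedGroup()));
            if (!blocked) {
                result.add(s);
            }
        }
        return result;
    }

    /** Post-fix behaviour: first permitted scheme, or null if constraints leave none. */
    static Scheme select(List<Scheme> candidates, Set<String> disabled) {
        List<Scheme> ok = permitted(candidates, disabled);
        return ok.isEmpty() ? null : ok.get(0);
    }

    public static void main(String[] args) {
        // Constructed stand-in for a jdk.tls.disabledAlgorithms value.
        Set<String> disabled = Set.of("RSASSA-PSS", "secp256r1");
        System.out.println("unchecked: " + selectUnchecked(CANDIDATES).name()); // disabled scheme
        System.out.println("checked:   " + select(CANDIDATES, disabled).name());  // usable scheme
    }
}
```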