RFR: 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled

Sean Mullan mullan at openjdk.java.net
Tue Nov 16 17:58:36 UTC 2021

On Tue, 16 Nov 2021 01:41:50 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> I'm feeling we should completely dump checking for algorithms and switch to checking algorithmIds. Even if currently it's only RSASSA-PSS, but suppose one day we support the SHAKE256-LEN MessageDigest algorithm and I suppose that LEN cannot be any number.

Yes, this is a good suggestion, but I think it should be tackled separately. I'll file a separate RFE though. It would be nice if we made AlgorithmId a public API too.

> src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java line 1491:
>> 1489:     private static String checkWeakAlg(String alg, CertPathConstraintsParameters cpcp) {
>> 1490:         try {
>> 1491:             CERTPATH_DISABLED_CHECK.permits(alg, cpcp, false);
> Do we need to check AlgorithmParamters as well? Ex: if `alg` is RSASSA-PSS.

We should, but the problem is that jarsigner needs to individually test each algorithm, so it can properly display which algorithm is restricted. So, I think it will need to parse the RSSASSA params itself, and then call the constraints code to check each algorithm. Let me see if I can code up something that does that.


PR: https://git.openjdk.java.net/jdk/pull/6296

More information about the security-dev mailing list