RFR: 8273670: Remove weak etypes from default krb5 etype list

Weijun Wang weijun at openjdk.java.net
Fri Sep 24 21:41:51 UTC 2021


On Fri, 24 Sep 2021 19:33:12 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> This code change removes weak etypes from the default list so it's safer to enable one of them. See the corresponding CSR at https://bugs.openjdk.java.net/browse/JDK-8274207 for more explanation. BTW, please review the CSR as well.
>
> src/java.security.jgss/share/classes/sun/security/krb5/internal/crypto/EType.java line 101:
> 
>> 99:         if (allowWeakCrypto) {
>> 100:             result[num++] = EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD;
>> 101:             result[num++] = EncryptedData.ETYPE_ARCFOUR_HMAC;
> 
> MIT still has arcfour-hmac-md5 in the enabled list - do you think there is any reason (compatibility) we should do the same? Note that I think it is better that we don't though. See "permitted_enctypes" at https://web.mit.edu/Kerberos/krb5-1.19/doc/admin/conf_files/krb5_conf.html#libdefaults.

This is because MIT krb5 treats DES as weak and RC4 as deprecated. In Java, we treat both as weak after JDK-8139348 (the title is "Deprecate 3DES and RC4 in Kerberos" but this "deprecate" is not the same as the one in MIT krb5). This means when "allow_weak_crypto = true" we've already removed RC4. Since this code change is about removing weak etypes from the default "permitted_enctypes", we should be consistent.

-------------

PR: https://git.openjdk.java.net/jdk/pull/5654


More information about the security-dev mailing list