RFR: 8245545: Disable TLS_RSA cipher suites [v4]

Sean Mullan mullan at openjdk.org
Wed Nov 20 14:52:25 UTC 2024


On Tue, 19 Nov 2024 21:57:04 GMT, Artur Barashev <abarashev at openjdk.org> wrote:

>> These cipher suites do not preserve forward-secrecy and are not commonly used. Other TLS implementations (ex: Rustls) do not support or enable these suites by default. RFC 9325 [1] states that these suites should not be used. The IETF Draft "Deprecating Obsolete Key Exchange Methods in TLS" [2] mandates that these suites not be used.
>> 
>> Some TLS_RSA_* cipher suites are already disabled because they use DES, 3DES, RC4, or NULL, which are disabled. This action will disable all remaining TLS_RSA cipher suites.
>> 
>> [1] RFC 9325, Recommendations for Secure Use of TLS and DTLS (https://www.rfc-editor.org/rfc/rfc9325.html#section-4.1-2.5.1): "Implementations SHOULD NOT negotiate cipher suites based on RSA key transport, a.k.a. "static RSA". Rationale: These cipher suites, which have assigned values starting with the string "TLS_RSA_WITH_*", have several drawbacks, especially the fact that they do not support forward secrecy."
>> [2] IETF Draft, Deprecating Obsolete Key Exchange Methods in TLS (https://www.ietf.org/archive/id/draft-ietf-tls-deprecate-obsolete-kex-05.html#section-4): "Clients MUST NOT offer and servers MUST NOT select RSA cipher suites in TLS 1.2 connections. (Note that TLS 1.0 and 1.1 are deprecated by [RFC8996], and TLS 1.3 does not support static RSA [RFC8446].)"
>
> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Remove the empty lines added

Please also update `test/jdk/javax/net/ssl/ciphersuites/DisabledAlgorithms.java` with the list of disabled TLS_RSA suites, and add 8245545 to the `@bug` line. This test will check that the suites are disabled.

test/jdk/javax/net/ssl/DTLS/DTLSMFLNTest.java line 56:

> 54: public class DTLSMFLNTest {
> 55:     public static void main(String[] args) {
> 56:         SecurityUtils.removeFromDisabledTlsAlgs("TLS_RSA_*");

Are you sure this is needed? This test passes for me if I comment out this line.

test/jdk/javax/net/ssl/SSLEngine/Basics.java line 60:

> 58: 
> 59:     public static void main(String[] args) throws Exception {
> 60:         SecurityUtils.removeFromDisabledTlsAlgs("TLSv1.1", "TLS_RSA_*");

Add comment: // Re-enable TLSv1.1 and TLS_RSA_* since test depends on it.

test/jdk/javax/net/ssl/SSLEngine/EngineCloseOnAlert.java line 66:

> 64: 
> 65:     public static void main(String[] args) throws Exception {
> 66:         SecurityUtils.removeFromDisabledTlsAlgs("TLS_RSA_*");

Add comment: // Re-enable TLS_RSA_* since test depends on it.

test/jdk/javax/net/ssl/TLSv11/GenericBlockCipher.java line 175:

> 173: 
> 174:     public static void main(String[] args) throws Exception {
> 175:         // Re-enable TLSv1.1 since test depends on it.

Update comment: s/TLSv1/TLSv1 and TLS_RSA_*/

test/jdk/javax/net/ssl/TLSv12/ProtocolFilter.java line 162:

> 160: 
> 161:     public static void main(String[] args) throws Exception {
> 162:         SecurityUtils.removeFromDisabledTlsAlgs("TLS_RSA_*");

Add comment: // Re-enable TLS_RSA_* since test depends on it.

test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java line 1:

> 1: /*

For this test, please add 8245545 to the `@bug` line because it is making sure that the TLS_RSA suites are disabled.

test/jdk/javax/net/ssl/sanity/ciphersuites/TLSCipherSuitesOrder.java line 61:

> 59: 
> 60:     public static void main(String[] args) {
> 61:         SecurityUtils.removeFromDisabledTlsAlgs("TLS_RSA_*");

Add comment: // Re-enable TLS_RSA_* since test depends on it.

test/jdk/sun/security/pkcs11/tls/tls12/FipsModeTLS12.java line 85:

> 83: 
> 84:     public static void main(String[] args) throws Exception {
> 85:         SecurityUtils.removeFromDisabledTlsAlgs("TLS_RSA_*");

Add comment: // Re-enable TLS_RSA_* since test depends on it.

test/jdk/sun/security/ssl/ClientHandshaker/LengthCheckTest.java line 273:

> 271:      */
> 272:     public static void main(String args[]) throws Exception {
> 273:         // Re-enable TLSv1 since test depends on it.

Update comment: s/TLSv1/TLSv1 and TLS_RSA_*/

test/jdk/sun/security/ssl/EngineArgs/DebugReportsOneExtraByte.java line 103:

> 101:             System.out.println("Test Passed.");
> 102:         } else {
> 103:             // Re-enable TLSv1 since test depends on it

Update comment: s/TLSv1/TLSv1 and TLS_RSA_*/

-------------

PR Comment: https://git.openjdk.org/jdk/pull/22163#issuecomment-2488785774
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850445796
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850357240
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850356757
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850356442
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850355856
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850448748
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850355458
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850355178
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850353925
PR Review Comment: https://git.openjdk.org/jdk/pull/22163#discussion_r1850354223
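
An added example, not part of the original message and not code from the JDK test suite: a stand-alone check that reports whether the running JDK still enables any static RSA (`TLS_RSA_WITH_*`) suites by default, and which `jdk.tls.disabledAlgorithms` entries cover them. The class name `StaticRsaSuiteAudit` is hypothetical.

```java
import java.security.Security;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;

// Hypothetical class name; added example, not JDK test code.
public class StaticRsaSuiteAudit {

    // Static RSA key-transport suites carry this prefix (RFC 9325, section 4.1).
    static List<String> staticRsa(String[] suites) {
        List<String> hits = new ArrayList<>();
        for (String s : suites) {
            if (s.startsWith("TLS_RSA_WITH_")) {
                hits.add(s);
            }
        }
        return hits;
    }

    public static void main(String[] args) throws Exception {
        // Show which jdk.tls.disabledAlgorithms entries mention TLS_RSA.
        String prop = Security.getProperty("jdk.tls.disabledAlgorithms");
        if (prop != null) {
            for (String entry : prop.split(",")) {
                if (entry.trim().startsWith("TLS_RSA_")) {
                    System.out.println("disabled entry: " + entry.trim());
                }
            }
        }

        // Client and server defaults can be configured separately, so check both.
        SSLContext ctx = SSLContext.getDefault();
        List<String> client = staticRsa(ctx.getSocketFactory().getDefaultCipherSuites());
        List<String> server = staticRsa(ctx.getServerSocketFactory().getDefaultCipherSuites());

        client.forEach(s -> System.out.println("client default enables: " + s));
        server.forEach(s -> System.out.println("server default enables: " + s));

        if (client.isEmpty() && server.isEmpty()) {
            System.out.println("No static RSA suites enabled by default.");
        } else {
            System.exit(1); // non-zero exit so a build or CI step can fail
        }
    }
}
```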

