RFR: 8244336: Restrict algorithms at JCE layer [v2]

Sean Mullan mullan at openjdk.org
Wed Jul 30 15:15:55 UTC 2025


On Wed, 30 Jul 2025 07:25:57 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> This enhancement introduces a new security property "jdk.crypto.disabledAlgorithms" which can be leveraged to disable algorithms for JCE/JCA crypto services. For now, only Cipher, KeyStore, MessageDigest, and Signature services support this new security property. The support can be expanded later to cover more services if needed. Note that this security property is meant to disable algorithms irrespective of providers. If the algorithm is found to be disabled, it will be rejected before reaching out to provider(s) for the corresponding implementation(s).
>> 
>> A few implementation notes:
>> 1) The specified security property value is lazily loaded and all changes after it's been loaded are ignored. Invalid entries, e.g. wrong syntax, are ignored and removed. The algorithm name check is case-insensitive. If a disabled algorithm is known to have an object identifier (oid) by JDK, this oid and its aliases are also added to the disabled services.
>> 2) The algorithm name checking impl is based on the sun.security.util.AlgorithmConstraints class, but without the decomposing and different constraints.
>> 3) The hardwiring of NONEwithRSA signature to RSA/ECB/PKCS1Padding cipher in java.security.Signature class is removed. Instead, this is moved to the provider level, i.e. SunJCE and SunPKCS11 providers are changed to claim the NONEwithRSA signature support. Disabling one will not affect the other.
>> 
>> CSR will be filed once the review is wrapping up.
>> 
>> Thanks~
>> Valerie
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Address review comments from Sean and Tony.

src/java.base/share/classes/com/sun/crypto/provider/RSACipherAdaptor.java line 48:

> 46:  *
> 47:  * This is mostly refactored from the private static CipherAdapter class
> 48:  * in the java.security.Signature class

This comment won't be that helpful now that the static CipherAdapter class is gone. Maybe just remove it?

src/java.base/share/classes/com/sun/crypto/provider/RSACipherAdaptor.java line 50:

> 48:  * in the java.security.Signature class
> 49:  */
> 50: public final class RSACipherAdaptor extends SignatureSpi {

Can this be package-private?

src/java.base/share/classes/com/sun/crypto/provider/RSACipherAdaptor.java line 59:

> 57:     }
> 58: 
> 59:     protected void engineInitVerify(PublicKey publicKey)

Consider adding `@Override` annotations where relevant.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2243000102
PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2242982775
PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2243003226
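
The lookup semantics listed in the quoted implementation notes (one-time lazy load, invalid entries ignored, case-insensitive names, known OID disabled along with the name), modeled as an added example that is not code from the pull request or the JDK. The class name, the comma-separated `Service.Algorithm` entry syntax, per-service scoping, and the two-entry OID table are assumptions made for illustration.

```java
import java.util.*;
import java.util.function.Supplier;

/** Model of the semantics in the PR description; hypothetical class, not JDK code. */
public class DisabledAlgorithmsModel {
    // Services the description says honor the property.
    private static final Set<String> SERVICES =
            Set.of("CIPHER", "KEYSTORE", "MESSAGEDIGEST", "SIGNATURE");
    // Constructed two-entry sample of algorithm name -> OID.
    private static final Map<String, String> OIDS =
            Map.of("SHA-1", "1.3.14.3.2.26", "MD5", "1.2.840.113549.2.5");
    private final Supplier<String> source;   // stands in for the security property
    private Set<String> disabled;            // null until the first check
    public DisabledAlgorithmsModel(Supplier<String> source) { this.source = source; }

    private static Set<String> parse(String value) {
        Set<String> out = new HashSet<>();
        if (value == null) return out;
        for (String entry : value.split(",")) {
            String[] p = entry.trim().split("\\.", 2);   // assumed "Service.Algorithm"
            if (p.length != 2 || p[1].isBlank()
                    || !SERVICES.contains(p[0].toUpperCase(Locale.ROOT))) {
                continue;                                // invalid entry: ignored
            }
            String svc = p[0].toUpperCase(Locale.ROOT);
            String alg = p[1].trim().toUpperCase(Locale.ROOT);
            out.add(svc + "." + alg);
            String oid = OIDS.get(alg);                  // known OID is disabled too
            if (oid != null) out.add(svc + "." + oid);
        }
        return out;
    }

    /** Checked before any provider lookup; the value is read once, on first use. */
    public synchronized boolean isDisabled(String service, String algorithm) {
        if (disabled == null) disabled = parse(source.get());
        return disabled.contains(service.toUpperCase(Locale.ROOT) + "."
                + algorithm.toUpperCase(Locale.ROOT));
    }

    public static void main(String[] args) {
        String[] prop = { "MessageDigest.sha-1, Bogus.Foo, Cipher" };  // constructed value
        DisabledAlgorithmsModel m = new DisabledAlgorithmsModel(() -> prop[0]);
        System.out.println(m.isDisabled("MessageDigest", "SHA-1"));         // by name
        System.out.println(m.isDisabled("messagedigest", "1.3.14.3.2.26")); // by OID
        System.out.println(m.isDisabled("Signature", "SHA-1"));             // other service
        prop[0] = "Signature.SHA-1";                     // property changed after load
        System.out.println(m.isDisabled("Signature", "SHA-1"));  // checked against first load
    }
}
```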

