RFR: 8366211: Block signature scheme names to be used with CertificateSignature algorithm constraints usage [v2]

Weijun Wang weijun at openjdk.org
Thu Sep 4 13:49:45 UTC 2025


On Thu, 28 Aug 2025 21:37:22 GMT, Artur Barashev <abarashev at openjdk.org> wrote:

>> To avoid any user confusion, we should block signature scheme names to be used with `CertificateSignature` algorithm constraints usage. For example, the `RSASSA-PSS` certificate signature algorithm corresponds to multiple signature scheme names, and blocking one of those signature schemes with the `CertificateSignature` usage directive won't block the `RSASSA-PSS` certificate signature because other rsa_pss_* signature schemes will still be allowed. We should direct users to use the certificate signature algorithm with the `CertificateSignature` usage directive. For example:
>> 
>> - To be blocked: `rsa_pss_pss_sha256 usage CertificateSignature`
>> - To be allowed: `RSASSA-PSS usage CertificateSignature` or `RSA usage CertificateSignature`
>
> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Fix string concatenation alignment. Use upper-case characters in the test signature scheme name.

src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java line 822:

> 820:         // We avoid calling back the SSL layer to get these names because of
> 821:         // the circular dependency.
> 822:         private static final Set<String> BLOCKED_FOR_CERT_SCOPE = Set.of(

Will we need to update the list whenever a new scheme is introduced? I've noticed all names contain an underscore and IIRC no standard name of a Signature has it. Do you think we can just check for the underscore character as a heuristic?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/26970#discussion_r2322237448
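
The underscore heuristic raised in the comment above, sketched as an added example (not code from the pull request or from the JDK). The class and method names are hypothetical, the sample property value is constructed, and the entry syntax assumed is comma-separated `name constraint & constraint` entries.

```java
import java.util.ArrayList;
import java.util.List;

// Added illustration; not the JDK's DisabledAlgorithmConstraints code.
public class CertScopeNameCheck {

    // Heuristic from the review comment: treat any name containing an
    // underscore as a TLS signature scheme name rather than a standard
    // Signature algorithm name.
    static boolean looksLikeSchemeName(String name) {
        return name.indexOf('_') >= 0;
    }

    // Returns the entries that pair a scheme-like name with the
    // CertificateSignature usage, i.e. the entries that should be refused.
    static List<String> rejectedEntries(String propertyValue) {
        List<String> rejected = new ArrayList<>();
        for (String raw : propertyValue.split(",")) {
            String[] nameAndRest = raw.trim().split("\\s+", 2);
            if (nameAndRest.length < 2) {
                continue; // bare name with no constraints: nothing to check
            }
            boolean certUsage = false;
            // Constraints on a single entry are separated by '&'.
            for (String constraint : nameAndRest[1].split("&")) {
                String[] tok = constraint.trim().split("\\s+");
                if (!tok[0].equalsIgnoreCase("usage")) {
                    continue; // some other constraint type
                }
                // A usage constraint may list several usages.
                for (int i = 1; i < tok.length; i++) {
                    certUsage |= tok[i].equalsIgnoreCase("CertificateSignature");
                }
            }
            if (certUsage && looksLikeSchemeName(nameAndRest[0])) {
                rejected.add(raw.trim());
            }
        }
        return rejected;
    }

    public static void main(String[] args) {
        // Constructed sample value, not taken from a shipped java.security file.
        String sample = "rsa_pss_pss_sha256 usage CertificateSignature, "
                + "RSASSA-PSS usage CertificateSignature, "
                + "RSA usage CertificateSignature, "
                + "RSA_PSS_RSAE_SHA256 usage CertificateSignature";
        rejectedEntries(sample).forEach(e -> System.out.println("rejected: " + e));
    }
}
```

The check does not depend on letter case, so an upper-case scheme name is caught the same way. The TLS scheme names `ed25519` and `ed448` contain no underscore and coincide with the standard names `Ed25519` and `Ed448`, so this heuristic leaves them alone.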

