RFR: 8366211: Block signature scheme names to be used with CertificateSignature algorithm constraints usage [v2]
Weijun Wang
weijun at openjdk.org
Thu Sep 4 13:49:45 UTC 2025
On Thu, 28 Aug 2025 21:37:22 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> To avoid any user confusion, we should block signature scheme names to be used with `CertificateSignature` algorithm constraints usage. For example, `RSASSA-PSS` certificate signature algorithm corresponds to multiple signature scheme names and blocking one of those signature schemes with `CertificateSignature` usage directive won't block `RSASSA-PSS` certificate signature because other rsa_pss_* signature schemes still will be allowed. We should direct users to use certificate signature algorithm with `CertificateSignature` usage directive. For example:
>>
>> - To be blocked: `rsa_pss_pss_sha256 usage CertificateSignature`
>> - To be allowed: `RSASSA-PSS usage CertificateSignature` or `RSA usage CertificateSignature`
>
> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>
> Fix string concatenation alignment. Use upper-case characters in the test signature scheme name.
src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java line 822:
> 820: // We avoid calling back the SSL layer to get these names because of
> 821: // the circular dependency.
> 822: private static final Set<String> BLOCKED_FOR_CERT_SCOPE = Set.of(
Will we need to update the list whenever a new scheme is introduced? I've noticed all names contain an underscore and IIRC no standard name of a Signature has it. Do you think we can just check for the underscore character as a heuristic?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26970#discussion_r2322237448
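
The check discussed in this thread, sketched as a small linter for a disabled-algorithms property value (an added example, not code from the pull request or the JDK). The class and method names are hypothetical, the entry grammar (`name constraint & constraint`, with `usage` followed by space-separated usages) and case-insensitive keyword matching are assumptions, and the underscore test is the heuristic proposed in the review comment rather than the explicit `BLOCKED_FOR_CERT_SCOPE` set.

```java
import java.util.ArrayList;
import java.util.List;

// Added illustration, not JDK code: lints a disabledAlgorithms-style property value.
public class CertSigUsageLint {

    // Heuristic from the review comment: signature scheme names contain an
    // underscore, standard Signature algorithm names do not (assumption).
    static boolean looksLikeSignatureScheme(String name) {
        return name.indexOf('_') >= 0;
    }

    // Returns entries that pair a scheme-like name with "usage CertificateSignature".
    static List<String> findMisusedEntries(String propertyValue) {
        List<String> flagged = new ArrayList<>();
        for (String rawEntry : propertyValue.split(",")) {
            String entry = rawEntry.trim();
            if (entry.isEmpty()) continue;
            // Assumed entry shape: "<name> [constraint] {& constraint}"
            String[] nameAndRest = entry.split("\\s+", 2);
            if (nameAndRest.length < 2) continue; // bare name, no constraints
            boolean certSigUsage = false;
            for (String constraint : nameAndRest[1].split("&")) {
                String[] tokens = constraint.trim().split("\\s+");
                if (!tokens[0].equalsIgnoreCase("usage")) continue;
                for (int i = 1; i < tokens.length; i++) {
                    if (tokens[i].equalsIgnoreCase("CertificateSignature")) {
                        certSigUsage = true;
                    }
                }
            }
            if (certSigUsage && looksLikeSignatureScheme(nameAndRest[0])) {
                flagged.add(entry);
            }
        }
        return flagged;
    }

    public static void main(String[] args) {
        // Constructed sample value built from the entries quoted in the PR description.
        String sample = "rsa_pss_pss_sha256 usage CertificateSignature, "
                + "RSASSA-PSS usage CertificateSignature, "
                + "RSA usage CertificateSignature, "
                + "rsa_pss_pss_sha256";
        for (String entry : findMisusedEntries(sample)) {
            System.out.println("rejected: " + entry);
        }
    }
}
```

On the constructed sample only the first entry is reported; the `RSASSA-PSS` and `RSA` entries and the bare scheme name pass.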