[8u] RFR: 8172404: Tools should warn if weak algorithms are used before restricting them

Severin Gehwolf sgehwolf at redhat.com
Mon Jan 11 11:35:15 UTC 2021


Please review this 8u backport of JDK-8172404, an enhancement to warn
about insecure and soon-to-be-disabled algorithms in security tools.
This patch introduces a new security property,
jdk.security.legacyAlgorithms, and thus requires a CSR. Since Oracle
backported this patch, we are re-using that CSR.

The original patch doesn't apply cleanly so I had to adjust hunks
manually. In order for this backport to apply better, it depends on
JDK-8185934[1] and JDK-8233228[2]. Of particular note are the
differences in jarsigner/Main.java method signJar(). For this backport,
I've moved initialization of a null sigalg a bit earlier in signJar()
by virtue of calling new private static method
getDefaultSignatureAlgorithm(privateKey). This allows one to reason
that sigalg, tSADigestAlg and digestalg will never be null when new
method checkWeakSign() is being called. The former, because of what
I've just explained earlier, the latter two because they are being set
to default values on object construction in contrast to code in JDK

Bug: https://bugs.openjdk.java.net/browse/JDK-8172404
webrev: https://cr.openjdk.java.net/~sgehwolf/webrevs/JDK-8172404/jdk8/02/webrev/
CSR (approved): https://bugs.openjdk.java.net/browse/JDK-8238640

Testing: keytool/jarsigner tests. Manual testing that warnings are
being printed for weak CA certs in cacerts



[1] On review here:
[2] Reviewed and 8u-Maintainer-approved. Waiting for push:

More information about the jdk8u-dev mailing list