Mercurial > hg > openjdk > jdk8u > jdk
changeset 14332:886fa7874189
8233228: Disable weak named curves by default in TLS, CertPath, and Signed JAR
Reviewed-by: andrew
Contributed-by: Sergey Chernyshev <serge.chernyshev@bell-sw.com>
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/keytool/Main.java Thu May 29 13:27:36 2014 +0400 +++ b/src/share/classes/sun/security/tools/keytool/Main.java Tue Jan 12 12:45:36 2021 +0300 @@ -50,7 +50,9 @@ import java.security.cert.CRL; import java.security.cert.X509Certificate; import java.security.cert.CertificateException; +import java.security.interfaces.ECKey; import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.ECParameterSpec; import java.text.Collator; import java.text.MessageFormat; import java.util.*; @@ -71,6 +73,7 @@ import sun.security.util.DisabledAlgorithmConstraints; import sun.security.util.KeyUtil; +import sun.security.util.NamedCurve; import sun.security.util.ObjectIdentifier; import sun.security.pkcs10.PKCS10; import sun.security.pkcs10.PKCS10Attribute; @@ -3089,6 +3092,17 @@ } } + private String fullDisplayAlgName(Key key) { + String result = key.getAlgorithm(); + if (key instanceof ECKey) { + ECParameterSpec paramSpec = ((ECKey) key).getParams(); + if (paramSpec instanceof NamedCurve) { + result += " (" + paramSpec.toString().split(" ")[0] + ")"; + } + } + return result; + } + private String withWeak(PublicKey key) { if (DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) { return String.format(rb.getString("key.bit"), @@ -4361,7 +4375,7 @@ rb.getString("whose.key.risk"), label, String.format(rb.getString("key.bit"), - KeyUtil.getKeySize(key), key.getAlgorithm()))); + KeyUtil.getKeySize(key), fullDisplayAlgName(key)))); } }
--- a/src/share/classes/sun/security/util/AbstractAlgorithmConstraints.java Thu May 29 13:27:36 2014 +0400 +++ b/src/share/classes/sun/security/util/AbstractAlgorithmConstraints.java Tue Jan 12 12:45:36 2021 +0300 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -29,6 +29,10 @@ import java.security.AlgorithmConstraints; import java.security.PrivilegedAction; import java.security.Security; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; import java.util.Set; /** @@ -44,7 +48,7 @@ } // Get algorithm constraints from the specified security property. - static String[] getAlgorithms(String propertyName) { + static List<String> getAlgorithms(String propertyName) { String property = AccessController.doPrivileged( new PrivilegedAction<String>() { @Override @@ -68,12 +72,12 @@ // map the disabled algorithms if (algorithmsInProperty == null) { - algorithmsInProperty = new String[0]; + return Collections.emptyList(); } - return algorithmsInProperty; + return new ArrayList<>(Arrays.asList(algorithmsInProperty)); } - static boolean checkAlgorithm(String[] algorithms, String algorithm, + static boolean checkAlgorithm(List<String> algorithms, String algorithm, AlgorithmDecomposer decomposer) { if (algorithm == null || algorithm.length() == 0) { throw new IllegalArgumentException("No algorithm name specified");
--- a/src/share/classes/sun/security/util/ConstraintsParameters.java Thu May 29 13:27:36 2014 +0400 +++ b/src/share/classes/sun/security/util/ConstraintsParameters.java Tue Jan 12 12:45:36 2021 +0300 @@ -31,6 +31,7 @@ import java.security.Key; import java.security.Timestamp; import java.security.cert.X509Certificate; +import java.security.interfaces.ECKey; import java.util.Date; /** @@ -49,8 +50,8 @@ private final String algorithm; // AlgorithmParameters to the algorithm being checked private final AlgorithmParameters algParams; - // Public Key being checked against constraints - private final Key publicKey; + // Key being checked against constraints + private final Key key; /* * New values that are checked against constraints that the current public @@ -66,6 +67,9 @@ // Timestamp of the signed JAR file private final Timestamp jarTimestamp; private final String variant; + // Named Curve + private final String[] curveStr; + private static final String[] EMPTYLIST = new String[0]; public ConstraintsParameters(X509Certificate c, boolean match, Date pkixdate, Timestamp jarTime, String variant) { @@ -76,14 +80,20 @@ this.variant = (variant == null ? Validator.VAR_GENERIC : variant); algorithm = null; algParams = null; - publicKey = null; + key = null; + if (c != null) { + curveStr = getNamedCurveFromKey(c.getPublicKey()); + } else { + curveStr = EMPTYLIST; + } } public ConstraintsParameters(String algorithm, AlgorithmParameters params, Key key, String variant) { this.algorithm = algorithm; algParams = params; - this.publicKey = key; + this.key = key; + curveStr = getNamedCurveFromKey(key); cert = null; trustedMatch = false; pkixDate = null; @@ -109,9 +119,10 @@ return algParams; } - public Key getPublicKey() { - return publicKey; + public Key getKey() { + return key; } + // Returns if the trust anchor has a match if anchor checking is enabled. public boolean isTrustedMatch() { return trustedMatch; @@ -132,4 +143,42 @@ public String getVariant() { return variant; } + + public String[] getNamedCurve() { + return curveStr; + } + + public static String[] getNamedCurveFromKey(Key key) { + if (key instanceof ECKey) { + NamedCurve nc = CurveDB.lookup(((ECKey)key).getParams()); + return (nc == null ? EMPTYLIST : CurveDB.getNamesByOID(nc.getObjectId())); + } else { + return EMPTYLIST; + } + } + + public String toString() { + StringBuilder s = new StringBuilder(); + s.append("Cert: "); + if (cert != null) { + s.append(cert.toString()); + s.append("\nSigAlgo: "); + s.append(cert.getSigAlgName()); + } else { + s.append("None"); + } + s.append("\nAlgParams: "); + if (getAlgParams() != null) { + getAlgParams().toString(); + } else { + s.append("None"); + } + s.append("\nNamedCurves: "); + for (String c : getNamedCurve()) { + s.append(c + " "); + } + s.append("\nVariant: " + getVariant()); + return s.toString(); + } + }
--- a/src/share/classes/sun/security/util/CurveDB.java Thu May 29 13:27:36 2014 +0400 +++ b/src/share/classes/sun/security/util/CurveDB.java Tue Jan 12 12:45:36 2021 +0300 @@ -155,8 +155,27 @@ } } + private static class Holder { + private static final Pattern nameSplitPattern = Pattern.compile( + SPLIT_PATTERN); + } + + // Return all the names the EC curve could be using. + static String[] getNamesByOID(String oid) { + NamedCurve nc = oidMap.get(oid); + if (nc == null) { + return new String[0]; + } + String[] list = Holder.nameSplitPattern.split(nc.getName()); + int i = 0; + do { + list[i] = list[i].trim(); + } while (++i < list.length); + return list; + } + static { - Pattern nameSplitPattern = Pattern.compile(SPLIT_PATTERN); + Pattern nameSplitPattern = Holder.nameSplitPattern; /* SEC2 prime curves */ add("secp112r1", "1.3.132.0.6", P,
--- a/src/share/classes/sun/security/util/DisabledAlgorithmConstraints.java Thu May 29 13:27:36 2014 +0400 +++ b/src/share/classes/sun/security/util/DisabledAlgorithmConstraints.java Tue Jan 12 12:45:36 2021 +0300 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2017, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -60,19 +60,23 @@ public class DisabledAlgorithmConstraints extends AbstractAlgorithmConstraints { private static final Debug debug = Debug.getInstance("certpath"); - // the known security property, jdk.certpath.disabledAlgorithms + // Disabled algorithm security property for certificate path public static final String PROPERTY_CERTPATH_DISABLED_ALGS = "jdk.certpath.disabledAlgorithms"; - // the known security property, jdk.tls.disabledAlgorithms + // Disabled algorithm security property for TLS public static final String PROPERTY_TLS_DISABLED_ALGS = "jdk.tls.disabledAlgorithms"; - // the known security property, jdk.jar.disabledAlgorithms + // Disabled algorithm security property for jar public static final String PROPERTY_JAR_DISABLED_ALGS = "jdk.jar.disabledAlgorithms"; - private final String[] disabledAlgorithms; + // Property for disabled EC named curves + private static final String PROPERTY_DISABLED_EC_CURVES = + "jdk.disabled.namedCurves"; + + private final List<String> disabledAlgorithms; private final Constraints algorithmConstraints; /** @@ -97,6 +101,24 @@ AlgorithmDecomposer decomposer) { super(decomposer); disabledAlgorithms = getAlgorithms(propertyName); + + // Check for alias + int ecindex = -1, i = 0; + for (String s : disabledAlgorithms) { + if (s.regionMatches(true, 0,"include ", 0, 8)) { + if (s.regionMatches(true, 8, PROPERTY_DISABLED_EC_CURVES, 0, + PROPERTY_DISABLED_EC_CURVES.length())) { + ecindex = i; + break; + } + } + i++; + } + if (ecindex > -1) { + disabledAlgorithms.remove(ecindex); + disabledAlgorithms.addAll(ecindex, + getAlgorithms(PROPERTY_DISABLED_EC_CURVES)); + } algorithmConstraints = new Constraints(disabledAlgorithms); } @@ -164,6 +186,19 @@ public final void permits(String algorithm, ConstraintsParameters cp) throws CertPathValidatorException { + + // Check if named curves in the ConstraintParameters are disabled. + if (cp.getNamedCurve() != null) { + for (String curve : cp.getNamedCurve()) { + if (!checkAlgorithm(disabledAlgorithms, curve, decomposer)) { + throw new CertPathValidatorException( + "Algorithm constraints check failed on disabled " + + "algorithm: " + curve, + null, null, -1, BasicReason.ALGORITHM_CONSTRAINED); + } + } + } + algorithmConstraints.permits(algorithm, cp); } @@ -199,6 +234,13 @@ return false; } + // If this is an elliptic curve, check disabled the named curve. + for (String curve : ConstraintsParameters.getNamedCurveFromKey(key)) { + if (!permits(primitives, curve, null)) { + return false; + } + } + // check the key constraints return algorithmConstraints.permits(key); } @@ -230,7 +272,7 @@ "denyAfter\\s+(\\d{4})-(\\d{2})-(\\d{2})"); } - public Constraints(String[] constraintArray) { + public Constraints(List<String> constraintArray) { for (String constraintEntry : constraintArray) { if (constraintEntry == null || constraintEntry.isEmpty()) { continue; @@ -258,7 +300,9 @@ alias.toUpperCase(Locale.ENGLISH), constraintList); } - if (space <= 0) { + // If there is no whitespace, it is a algorithm name; however, + // if there is a whitespace, could be a multi-word EC curve too. + if (space <= 0 || CurveDB.lookup(constraintEntry) != null) { constraintList.add(new DisabledConstraint(algorithm)); continue; } @@ -357,7 +401,7 @@ for (Constraint constraint : list) { if (!constraint.permits(key)) { if (debug != null) { - debug.println("keySizeConstraint: failed key " + + debug.println("Constraints: failed key size" + "constraint check " + KeyUtil.getKeySize(key)); } return false; @@ -376,7 +420,7 @@ for (Constraint constraint : list) { if (!constraint.permits(aps)) { if (debug != null) { - debug.println("keySizeConstraint: failed algorithm " + + debug.println("Constraints: failed algorithm " + "parameters constraint check " + aps); } @@ -393,8 +437,7 @@ X509Certificate cert = cp.getCertificate(); if (debug != null) { - debug.println("Constraints.permits(): " + algorithm + - " Variant: " + cp.getVariant()); + debug.println("Constraints.permits(): " + cp.toString()); } // Get all signature algorithms to check for constraints @@ -408,8 +451,8 @@ if (cert != null) { algorithms.add(cert.getPublicKey().getAlgorithm()); } - if (cp.getPublicKey() != null) { - algorithms.add(cp.getPublicKey().getAlgorithm()); + if (cp.getKey() != null) { + algorithms.add(cp.getKey().getAlgorithm()); } // Check all applicable constraints for (String alg : algorithms) { @@ -548,10 +591,7 @@ * the constraint denies the operation. */ boolean next(Key key) { - if (nextConstraint != null && nextConstraint.permits(key)) { - return true; - } - return false; + return nextConstraint != null && nextConstraint.permits(key); } String extendedMsg(ConstraintsParameters cp) { @@ -803,8 +843,8 @@ public void permits(ConstraintsParameters cp) throws CertPathValidatorException { Key key = null; - if (cp.getPublicKey() != null) { - key = cp.getPublicKey(); + if (cp.getKey() != null) { + key = cp.getKey(); } else if (cp.getCertificate() != null) { key = cp.getCertificate().getPublicKey(); }
--- a/src/share/classes/sun/security/util/LegacyAlgorithmConstraints.java Thu May 29 13:27:36 2014 +0400 +++ b/src/share/classes/sun/security/util/LegacyAlgorithmConstraints.java Tue Jan 12 12:45:36 2021 +0300 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,8 +28,8 @@ import java.security.AlgorithmParameters; import java.security.CryptoPrimitive; import java.security.Key; +import java.util.List; import java.util.Set; -import static sun.security.util.AbstractAlgorithmConstraints.getAlgorithms; /** * Algorithm constraints for legacy algorithms. @@ -40,7 +40,7 @@ public final static String PROPERTY_TLS_LEGACY_ALGS = "jdk.tls.legacyAlgorithms"; - private final String[] legacyAlgorithms; + private final List<String> legacyAlgorithms; public LegacyAlgorithmConstraints(String propertyName, AlgorithmDecomposer decomposer) {
--- a/src/share/lib/security/java.security-aix Thu May 29 13:27:36 2014 +0400 +++ b/src/share/lib/security/java.security-aix Tue Jan 12 12:45:36 2021 +0300 @@ -452,6 +452,22 @@ sun.security.krb5.maxReferrals=5 # +# This property contains a list of disabled EC Named Curves that can be included +# in the jdk.[tls|certpath|jar].disabledAlgorithms properties. To include this +# list in any of the disabledAlgorithms properties, add the property name as +# an entry. +jdk.disabled.namedCurves = secp112r1, secp112r2, secp128r1, secp128r2, \ + secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, \ + secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, \ + sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, \ + sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, \ + sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, \ + X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, \ + X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, \ + X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, \ + brainpoolP320r1, brainpoolP384r1, brainpoolP512r1 + +# # Algorithm restrictions for certification path (CertPath) processing # # In some environments, certain algorithms or key lengths may be undesirable @@ -465,7 +481,7 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] { '&' Constraint } +# AlgorithmName [Constraint] { '&' Constraint } | IncludeProperty # # AlgorithmName: # (see below) @@ -492,6 +508,9 @@ # UsageConstraint: # usage [TLSServer] [TLSClient] [SignedJAR] # +# IncludeProperty: +# include <security property> +# # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name # Documentation" for information about Standard Algorithm Names. Matching @@ -504,6 +523,14 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # +# The "IncludeProperty" allows a implementation-defined security property that +# can be included in the disabledAlgorithms properties. These properties are +# to help manage common actions easier across multiple disabledAlgorithm +# properties. +# There is one defined security property: jdk.disabled.NamedCurves +# See the property for more specific details. +# +# # A "Constraint" defines restrictions on the keys and/or certificates for # a specified AlgorithmName: # @@ -576,7 +603,8 @@ # # jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ - RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \ + include jdk.disabled.namedCurves # # Algorithm restrictions for signed JAR files @@ -619,7 +647,8 @@ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ + DSA keySize < 1024, include jdk.disabled.namedCurves # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security @@ -652,7 +681,8 @@ # Example: # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \ - EC keySize < 224, 3DES_EDE_CBC, anon, NULL + EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \ + include jdk.disabled.namedCurves # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-linux Thu May 29 13:27:36 2014 +0400 +++ b/src/share/lib/security/java.security-linux Tue Jan 12 12:45:36 2021 +0300 @@ -452,6 +452,22 @@ sun.security.krb5.maxReferrals=5 # +# This property contains a list of disabled EC Named Curves that can be included +# in the jdk.[tls|certpath|jar].disabledAlgorithms properties. To include this +# list in any of the disabledAlgorithms properties, add the property name as +# an entry. +jdk.disabled.namedCurves = secp112r1, secp112r2, secp128r1, secp128r2, \ + secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, \ + secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, \ + sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, \ + sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, \ + sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, \ + X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, \ + X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, \ + X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, \ + brainpoolP320r1, brainpoolP384r1, brainpoolP512r1 + +# # Algorithm restrictions for certification path (CertPath) processing # # In some environments, certain algorithms or key lengths may be undesirable @@ -465,7 +481,7 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] { '&' Constraint } +# AlgorithmName [Constraint] { '&' Constraint } | IncludeProperty # # AlgorithmName: # (see below) @@ -492,6 +508,9 @@ # UsageConstraint: # usage [TLSServer] [TLSClient] [SignedJAR] # +# IncludeProperty: +# include <security property> +# # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name # Documentation" for information about Standard Algorithm Names. Matching @@ -504,6 +523,14 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # +# The "IncludeProperty" allows a implementation-defined security property that +# can be included in the disabledAlgorithms properties. These properties are +# to help manage common actions easier across multiple disabledAlgorithm +# properties. +# There is one defined security property: jdk.disabled.NamedCurves +# See the property for more specific details. +# +# # A "Constraint" defines restrictions on the keys and/or certificates for # a specified AlgorithmName: # @@ -576,7 +603,8 @@ # # jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ - RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \ + include jdk.disabled.namedCurves # # Algorithm restrictions for signed JAR files @@ -619,7 +647,8 @@ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ + DSA keySize < 1024, include jdk.disabled.namedCurves # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security @@ -652,7 +681,8 @@ # Example: # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \ - EC keySize < 224, 3DES_EDE_CBC, anon, NULL + EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \ + include jdk.disabled.namedCurves # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-macosx Thu May 29 13:27:36 2014 +0400 +++ b/src/share/lib/security/java.security-macosx Tue Jan 12 12:45:36 2021 +0300 @@ -455,6 +455,22 @@ sun.security.krb5.maxReferrals=5 # +# This property contains a list of disabled EC Named Curves that can be included +# in the jdk.[tls|certpath|jar].disabledAlgorithms properties. To include this +# list in any of the disabledAlgorithms properties, add the property name as +# an entry. +jdk.disabled.namedCurves = secp112r1, secp112r2, secp128r1, secp128r2, \ + secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, \ + secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, \ + sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, \ + sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, \ + sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, \ + X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, \ + X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, \ + X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, \ + brainpoolP320r1, brainpoolP384r1, brainpoolP512r1 + +# # Algorithm restrictions for certification path (CertPath) processing # # In some environments, certain algorithms or key lengths may be undesirable @@ -468,7 +484,7 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] { '&' Constraint } +# AlgorithmName [Constraint] { '&' Constraint } | IncludeProperty # # AlgorithmName: # (see below) @@ -495,6 +511,9 @@ # UsageConstraint: # usage [TLSServer] [TLSClient] [SignedJAR] # +# IncludeProperty: +# include <security property> +# # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name # Documentation" for information about Standard Algorithm Names. Matching @@ -507,6 +526,14 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # +# The "IncludeProperty" allows a implementation-defined security property that +# can be included in the disabledAlgorithms properties. These properties are +# to help manage common actions easier across multiple disabledAlgorithm +# properties. +# There is one defined security property: jdk.disabled.NamedCurves +# See the property for more specific details. +# +# # A "Constraint" defines restrictions on the keys and/or certificates for # a specified AlgorithmName: # @@ -579,7 +606,8 @@ # # jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ - RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \ + include jdk.disabled.namedCurves # # Algorithm restrictions for signed JAR files @@ -622,7 +650,8 @@ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ + DSA keySize < 1024, include jdk.disabled.namedCurves # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security @@ -655,7 +684,8 @@ # Example: # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \ - EC keySize < 224, 3DES_EDE_CBC, anon, NULL + EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \ + include jdk.disabled.namedCurves # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-solaris Thu May 29 13:27:36 2014 +0400 +++ b/src/share/lib/security/java.security-solaris Tue Jan 12 12:45:36 2021 +0300 @@ -453,6 +453,22 @@ sun.security.krb5.maxReferrals=5 # +# This property contains a list of disabled EC Named Curves that can be included +# in the jdk.[tls|certpath|jar].disabledAlgorithms properties. To include this +# list in any of the disabledAlgorithms properties, add the property name as +# an entry. +jdk.disabled.namedCurves = secp112r1, secp112r2, secp128r1, secp128r2, \ + secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, \ + secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, \ + sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, \ + sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, \ + sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, \ + X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, \ + X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, \ + X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, \ + brainpoolP320r1, brainpoolP384r1, brainpoolP512r1 + +# # Algorithm restrictions for certification path (CertPath) processing # # In some environments, certain algorithms or key lengths may be undesirable @@ -466,7 +482,7 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] { '&' Constraint } +# AlgorithmName [Constraint] { '&' Constraint } | IncludeProperty # # AlgorithmName: # (see below) @@ -493,6 +509,9 @@ # UsageConstraint: # usage [TLSServer] [TLSClient] [SignedJAR] # +# IncludeProperty: +# include <security property> +# # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name # Documentation" for information about Standard Algorithm Names. Matching @@ -505,6 +524,14 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # +# The "IncludeProperty" allows a implementation-defined security property that +# can be included in the disabledAlgorithms properties. These properties are +# to help manage common actions easier across multiple disabledAlgorithm +# properties. +# There is one defined security property: jdk.disabled.NamedCurves +# See the property for more specific details. +# +# # A "Constraint" defines restrictions on the keys and/or certificates for # a specified AlgorithmName: # @@ -577,7 +604,8 @@ # # jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ - RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \ + include jdk.disabled.namedCurves # # Algorithm restrictions for signed JAR files @@ -620,7 +648,8 @@ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ + DSA keySize < 1024, include jdk.disabled.namedCurves # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security @@ -653,7 +682,8 @@ # Example: # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \ - EC keySize < 224, 3DES_EDE_CBC, anon, NULL + EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \ + include jdk.disabled.namedCurves # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) # processing in JSSE implementation.
--- a/src/share/lib/security/java.security-windows Thu May 29 13:27:36 2014 +0400 +++ b/src/share/lib/security/java.security-windows Tue Jan 12 12:45:36 2021 +0300 @@ -455,6 +455,22 @@ sun.security.krb5.maxReferrals=5 # +# This property contains a list of disabled EC Named Curves that can be included +# in the jdk.[tls|certpath|jar].disabledAlgorithms properties. To include this +# list in any of the disabledAlgorithms properties, add the property name as +# an entry. +jdk.disabled.namedCurves = secp112r1, secp112r2, secp128r1, secp128r2, \ + secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, \ + secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, \ + sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, \ + sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, \ + sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, \ + X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, \ + X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, \ + X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, \ + brainpoolP320r1, brainpoolP384r1, brainpoolP512r1 + +# # Algorithm restrictions for certification path (CertPath) processing # # In some environments, certain algorithms or key lengths may be undesirable @@ -468,7 +484,7 @@ # " DisabledAlgorithm { , DisabledAlgorithm } " # # DisabledAlgorithm: -# AlgorithmName [Constraint] { '&' Constraint } +# AlgorithmName [Constraint] { '&' Constraint } | IncludeProperty # # AlgorithmName: # (see below) @@ -495,6 +511,9 @@ # UsageConstraint: # usage [TLSServer] [TLSClient] [SignedJAR] # +# IncludeProperty: +# include <security property> +# # The "AlgorithmName" is the standard algorithm name of the disabled # algorithm. See "Java Cryptography Architecture Standard Algorithm Name # Documentation" for information about Standard Algorithm Names. Matching @@ -507,6 +526,14 @@ # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion # will not disable algorithms related to "ECDSA". # +# The "IncludeProperty" allows a implementation-defined security property that +# can be included in the disabledAlgorithms properties. These properties are +# to help manage common actions easier across multiple disabledAlgorithm +# properties. +# There is one defined security property: jdk.disabled.NamedCurves +# See the property for more specific details. +# +# # A "Constraint" defines restrictions on the keys and/or certificates for # a specified AlgorithmName: # @@ -579,7 +606,8 @@ # # jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ - RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, \ + include jdk.disabled.namedCurves # # Algorithm restrictions for signed JAR files @@ -622,7 +650,8 @@ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ + DSA keySize < 1024, include jdk.disabled.namedCurves # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security @@ -655,7 +684,8 @@ # Example: # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \ - EC keySize < 224, 3DES_EDE_CBC, anon, NULL + EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \ + include jdk.disabled.namedCurves # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) # processing in JSSE implementation.