archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-26 14:24:46 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms

Browse source 
Reviewed-by: mullan, weijun
This commit is contained in:
Hai-May Chao 2022-05-04 20:35:16 +00:00
parent 4d30a1e8d1
commit 09e6ee96bd
6 changed files with 360 additions and 85 deletions
Download patch file Download diff file Expand all files Collapse all files

99
src/java.base/share/classes/sun/security/tools/keytool/Main.java
View file

@ -63,6 +63,7 @@ import java.util.Base64;
import sun.security.pkcs12.PKCS12KeyStore; import sun.security.pkcs12.PKCS12KeyStore;
import sun.security.provider.certpath.CertPathConstraintsParameters; import sun.security.provider.certpath.CertPathConstraintsParameters;
import sun.security.util.ConstraintsParameters;
import sun.security.util.ECKeySizeParameterSpec; import sun.security.util.ECKeySizeParameterSpec;
import sun.security.util.KeyUtil; import sun.security.util.KeyUtil;
import sun.security.util.NamedCurve; import sun.security.util.NamedCurve;
@ -1869,6 +1870,11 @@ public final class Main {
Object[] source = {keysize, Object[] source = {keysize,
secKey.getAlgorithm()}; secKey.getAlgorithm()};
System.err.println(form.format(source)); System.err.println(form.format(source));
SecretKeyConstraintsParameters skcp =
new SecretKeyConstraintsParameters(secKey);
checkWeakConstraint(rb.getString("the.generated.secretkey"),
secKey, skcp);
} }
if (keyPass == null) { if (keyPass == null) {
@ -2184,6 +2190,23 @@ public final class Main {
} else { } else {
out.println("SecretKeyEntry, "); out.println("SecretKeyEntry, ");
} }
try {
SecretKey secKey = (SecretKey) keyStore.getKey(alias, storePass);
SecretKeyConstraintsParameters skcp =
new SecretKeyConstraintsParameters(secKey);
checkWeakConstraint(label, secKey, skcp);
} catch (UnrecoverableKeyException e) {
/*
* UnrecoverableKeyException will be thrown for any secret key
* entries that are protected by a different password than
* storePass, and we will not be able to check the constraints
* because we do not have the keyPass for this operation.
* This may occurs for keystores such as JCEKS. Note that this
* is not really a new issue as details about secret key entries
* other than the fact they exist as entries are not listed.
*/
}
} else if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) { } else if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
if (verbose || rfc || debug) { if (verbose || rfc || debug) {
Object[] source = {"PrivateKeyEntry"}; Object[] source = {"PrivateKeyEntry"};
@ -2489,13 +2512,23 @@ public final class Main {
} }
try { try {
keyStore.setEntry(newAlias, entry, pp);
Certificate c = srckeystore.getCertificate(alias); Certificate c = srckeystore.getCertificate(alias);
if (c != null) { if (c != null) {
CertPathConstraintsParameters cpcp = CertPathConstraintsParameters cpcp =
buildCertPathConstraint((X509Certificate)c, null); buildCertPathConstraint((X509Certificate)c, null);
checkWeakConstraint("<" + newAlias + ">", c, cpcp); checkWeakConstraint("<" + newAlias + ">", c, cpcp);
} else {
try {
Key key = keyStore.getKey(newAlias, newPass);
SecretKeyConstraintsParameters skcp =
new SecretKeyConstraintsParameters(key);
checkWeakConstraint("<" + newAlias + ">", (SecretKey)key, skcp);
} catch (UnrecoverableKeyException e) {
// skip
}
} }
keyStore.setEntry(newAlias, entry, pp);
// Place the check so that only successful imports are blocked. // Place the check so that only successful imports are blocked.
// For example, we don't block a failed SecretEntry import. // For example, we don't block a failed SecretEntry import.
if (P12KEYSTORE.equalsIgnoreCase(storetype) && !isPasswordlessKeyStore) { if (P12KEYSTORE.equalsIgnoreCase(storetype) && !isPasswordlessKeyStore) {
@ -5009,6 +5042,38 @@ public final class Main {
} }
} }
private void checkWeakConstraint(String label, SecretKey secKey,
SecretKeyConstraintsParameters skcp) {
// Do not check disabled algorithms for symmetric key based algorithms for now
String secKeyAlg = secKey.getAlgorithm();
/*
* Skipping a secret key entry if its algorithm starts with "PBE".
* This is because keytool can only see it as a PBE key and "PBE" is
* an alias of "PBEwithMD5andDES" inside the SunJCE security provider,
* and its getAlgorithm() always returns "PBEwithMD5andDES". Thus, keytool
* won't be able to determine whether this secret key entry is protected
* by a weak algorithm or not.
*/
if (secKeyAlg.startsWith("PBE"))
return;
try {
LEGACY_CHECK.permits(secKeyAlg, skcp, true);
} catch (CertPathValidatorException e) {
String eMessage = e.getMessage();
if (eMessage.contains("constraints check failed on keysize limits") &&
e.getReason() == BasicReason.ALGORITHM_CONSTRAINED) {
weakWarnings.add(String.format(
rb.getString("key.size.weak"), label,
String.format(rb.getString("key.bit"),
KeyUtil.getKeySize(secKey), secKeyAlg)));
} else {
weakWarnings.add(String.format(
rb.getString("key.algorithm.weak"), label, secKeyAlg));
}
}
}
private void checkWeakConstraint(String label, PKCS10 p10, private void checkWeakConstraint(String label, PKCS10 p10,
CertPathConstraintsParameters cpcp) throws Exception { CertPathConstraintsParameters cpcp) throws Exception {
checkWeakConstraint(label, p10.getSigAlg(), checkWeakConstraint(label, p10.getSigAlg(),
@ -5206,6 +5271,38 @@ public final class Main {
tinyHelp(); tinyHelp();
return null; // Useless, tinyHelp() already exits. return null; // Useless, tinyHelp() already exits.
} }
private static class SecretKeyConstraintsParameters implements ConstraintsParameters {
private final Key key;
private SecretKeyConstraintsParameters(Key key) {
this.key = key;
}
@Override
public boolean anchorIsJdkCA() {
return false;
}
@Override
public Set<Key> getKeys() {
return Set.of(key);
}
@Override
public Date getDate() {
return null;
}
@Override
public String getVariant() {
return null;
}
@Override
public String extendedExceptionMsg() {
return null;
}
}
} }
// This class is exactly the same as com.sun.tools.javac.util.Pair, // This class is exactly the same as com.sun.tools.javac.util.Pair,

5
src/java.base/share/classes/sun/security/tools/keytool/Resources.java
View file

@ -72,6 +72,8 @@ public class Resources extends java.util.ListResourceBundle {
"Generated {0} secret key"}, //-genseckey "Generated {0} secret key"}, //-genseckey
{"Generated.keysize.bit.keyAlgName.secret.key", {"Generated.keysize.bit.keyAlgName.secret.key",
"Generated {0}-bit {1} secret key"}, //-genseckey "Generated {0}-bit {1} secret key"}, //-genseckey
{"key.algorithm.weak", "%1$s uses the %2$s algorithm which is considered a security risk."},
{"key.size.weak", "%1$s uses a %2$s which is considered a security risk."},
{"Imports.entries.from.a.JDK.1.1.x.style.identity.database", {"Imports.entries.from.a.JDK.1.1.x.style.identity.database",
"Imports entries from a JDK 1.1.x-style identity database"}, //-identitydb "Imports entries from a JDK 1.1.x-style identity database"}, //-identitydb
{"Imports.a.certificate.or.a.certificate.chain", {"Imports.a.certificate.or.a.certificate.chain",
@ -456,6 +458,7 @@ public class Resources extends java.util.ListResourceBundle {
// generating cert/cert req using weak algorithms // generating cert/cert req using weak algorithms
{"the.certificate.request", "The certificate request"}, {"the.certificate.request", "The certificate request"},
{"the.issuer", "The issuer"}, {"the.issuer", "The issuer"},
{"the.generated.secretkey", "The generated secret key"},
{"the.generated.certificate", "The generated certificate"}, {"the.generated.certificate", "The generated certificate"},
{"the.generated.crl", "The generated CRL"}, {"the.generated.crl", "The generated CRL"},
{"the.generated.certificate.request", "The generated certificate request"}, {"the.generated.certificate.request", "The generated certificate request"},
@ -485,7 +488,7 @@ public class Resources extends java.util.ListResourceBundle {
{"whose.sigalg.disabled", "%1$s uses the %2$s signature algorithm which is considered a security risk and is disabled."}, {"whose.sigalg.disabled", "%1$s uses the %2$s signature algorithm which is considered a security risk and is disabled."},
{"whose.sigalg.usagesignedjar", "%1$s uses the %2$s signature algorithm which is considered a security risk and cannot be used to sign JARs after %3$s."}, {"whose.sigalg.usagesignedjar", "%1$s uses the %2$s signature algorithm which is considered a security risk and cannot be used to sign JARs after %3$s."},
{"Unable.to.parse.denyAfter.string.in.exception.message", "Unable to parse denyAfter date string in exception message"}, {"Unable.to.parse.denyAfter.string.in.exception.message", "Unable to parse denyAfter date string in exception message"},
{"whose.sigalg.weak", "%1$s uses the %2$s signature algorithm which is considered a security risk. This algorithm will be disabled in a future update."}, {"whose.sigalg.weak", "%1$s uses the %2$s signature algorithm which is considered a security risk."},
{"whose.key.disabled", "%1$s uses a %2$s which is considered a security risk and is disabled."}, {"whose.key.disabled", "%1$s uses a %2$s which is considered a security risk and is disabled."},
{"whose.key.weak", "%1$s uses a %2$s which is considered a security risk. This key size will be disabled in a future update."}, {"whose.key.weak", "%1$s uses a %2$s which is considered a security risk. This key size will be disabled in a future update."},
{"jks.storetype.warning", "The %1$s keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using \"keytool -importkeystore -srckeystore %2$s -destkeystore %2$s -deststoretype pkcs12\"."}, {"jks.storetype.warning", "The %1$s keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using \"keytool -importkeystore -srckeystore %2$s -destkeystore %2$s -deststoretype pkcs12\"."},

9
src/java.base/share/conf/security/java.security
View file

@ -638,11 +638,9 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
SHA1 usage SignedJAR & denyAfter 2019-01-01 SHA1 usage SignedJAR & denyAfter 2019-01-01
# #
# Legacy algorithms for certification path (CertPath) processing and # Legacy cryptographic algorithms and key lengths.
# signed JAR files.
# #
# In some environments, a certain algorithm or key length may be undesirable # In some environments, a certain algorithm or key length may be undesirable.
# but is not yet disabled.
# #
# Tools such as keytool and jarsigner may emit warnings when these legacy # Tools such as keytool and jarsigner may emit warnings when these legacy
# algorithms are used. See the man pages for those tools for more information. # algorithms are used. See the man pages for those tools for more information.
@ -655,7 +653,8 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
# implementations. # implementations.
jdk.security.legacyAlgorithms=SHA1, \ jdk.security.legacyAlgorithms=SHA1, \
RSA keySize < 2048, DSA keySize < 2048 RSA keySize < 2048, DSA keySize < 2048, \
DES, DESede, MD5
# #
# Algorithm restrictions for signed JAR files # Algorithm restrictions for signed JAR files

4
test/jdk/sun/security/tools/keytool/ReadJar.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2016, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -159,7 +159,7 @@ public class ReadJar {
.shouldContain("Certificate #1:") .shouldContain("Certificate #1:")
.shouldContain("Certificate #2:") .shouldContain("Certificate #2:")
.shouldContain("Signer #2:") .shouldContain("Signer #2:")
.shouldMatch("The certificate #.* of signer #.*" + "uses the SHA1withRSA.*will be disabled") .shouldMatch("The certificate #.* of signer #.*" + "uses the SHA1withRSA.*considered a security risk")
.shouldMatch("The certificate #.* of signer #.*" + "uses a 512-bit RSA key.*is disabled") .shouldMatch("The certificate #.* of signer #.*" + "uses a 512-bit RSA key.*is disabled")
.shouldHaveExitValue(0); .shouldHaveExitValue(0);

234
test/jdk/sun/security/tools/keytool/WeakAlg.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2017, 2020, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2017, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -156,15 +156,15 @@ public class WeakAlg {
// (w/ different formats) // (w/ different formats)
checkWeakGenKeyPair("x", "-keyalg RSA -sigalg SHA1withRSA", "SHA1withRSA"); checkWeakGenKeyPair("x", "-keyalg RSA -sigalg SHA1withRSA", "SHA1withRSA");
checkWeakGenKeyPair("y", "-keyalg RSA -keysize 1024", "1024-bit RSA key"); checkWeakGenKeyPair("y", "-keyalg RSA -keysize 1024", "1024-bit RSA key");
checkWeakGenKeyPair("z", "-keyalg RSA", null); checkWeakGenKeyPair("z", "-keyalg RSA", "nowarn");
kt("-list") kt("-list")
.shouldContain("Warning:") .shouldContain("Warning:")
.shouldMatch("<x>.*SHA1withRSA.*will be disabled") .shouldMatch("<x>.*SHA1withRSA.*considered a security risk")
.shouldMatch("<y>.*1024-bit RSA key.*will be disabled"); .shouldMatch("<y>.*1024-bit RSA key.*will be disabled");
kt("-list -v") kt("-list -v")
.shouldContain("Warning:") .shouldContain("Warning:")
.shouldMatch("<x>.*SHA1withRSA.*will be disabled") .shouldMatch("<x>.*SHA1withRSA.*considered a security risk")
.shouldContain("SHA1withRSA (weak)") .shouldContain("SHA1withRSA (weak)")
.shouldMatch("<y>.*1024-bit RSA key.*will be disabled") .shouldMatch("<y>.*1024-bit RSA key.*will be disabled")
.shouldContain("1024-bit RSA key (weak)"); .shouldContain("1024-bit RSA key (weak)");
@ -173,21 +173,21 @@ public class WeakAlg {
// or -list or -exportcert // or -list or -exportcert
// -certreq, -printcertreq, -gencert // -certreq, -printcertreq, -gencert
checkWeakCertReq("x", "", null); checkWeakCertReq("x", "", "nowarn");
gencert("z-x", "") gencert("z-x", "")
.shouldNotContain("Warning"); // new sigalg is not weak .shouldNotContain("Warning"); // new sigalg is not weak
gencert("z-x", "-sigalg SHA1withRSA") gencert("z-x", "-sigalg SHA1withRSA")
.shouldContain("Warning:") .shouldContain("Warning:")
.shouldMatch("The generated certificate.*SHA1withRSA.*will be disabled"); .shouldMatch("The generated certificate.*SHA1withRSA.*considered a security risk");
checkWeakCertReq("x", "-sigalg SHA1withRSA", "SHA1withRSA"); checkWeakCertReq("x", "-sigalg SHA1withRSA", "SHA1withRSA");
gencert("z-x", "") gencert("z-x", "")
.shouldContain("Warning:") .shouldContain("Warning:")
.shouldMatch("The certificate request.*SHA1withRSA.*will be disabled"); .shouldMatch("The certificate request.*SHA1withRSA.*considered a security risk");
gencert("z-x", "-sigalg SHA1withRSA") gencert("z-x", "-sigalg SHA1withRSA")
.shouldContain("Warning:") .shouldContain("Warning:")
.shouldMatch("The certificate request.*SHA1withRSA.*will be disabled") .shouldMatch("The certificate request.*SHA1withRSA.*considered a security risk")
.shouldMatch("The generated certificate.*SHA1withRSA.*will be disabled"); .shouldMatch("The generated certificate.*SHA1withRSA.*considered a security risk");
checkWeakCertReq("y", "", "1024-bit RSA key"); checkWeakCertReq("y", "", "1024-bit RSA key");
gencert("z-y", "") gencert("z-y", "")
@ -195,10 +195,10 @@ public class WeakAlg {
.shouldMatch("The certificate request.*1024-bit RSA key.*will be disabled") .shouldMatch("The certificate request.*1024-bit RSA key.*will be disabled")
.shouldMatch("The generated certificate.*1024-bit RSA key.*will be disabled"); .shouldMatch("The generated certificate.*1024-bit RSA key.*will be disabled");
checkWeakCertReq("z", "", null); checkWeakCertReq("z", "", "nowarn");
gencert("x-z", "") gencert("x-z", "")
.shouldContain("Warning:") .shouldContain("Warning:")
.shouldMatch("The issuer.*SHA1withRSA.*will be disabled"); .shouldMatch("The issuer.*SHA1withRSA.*considered a security risk");
// but the new cert is not weak // but the new cert is not weak
kt("-printcert -file x-z.cert") kt("-printcert -file x-z.cert")
@ -210,10 +210,10 @@ public class WeakAlg {
.shouldMatch("The issuer.*1024-bit RSA key.*will be disabled"); .shouldMatch("The issuer.*1024-bit RSA key.*will be disabled");
// -gencrl, -printcrl // -gencrl, -printcrl
checkWeakGenCRL("x", "", null); checkWeakGenCRL("x", "", "nowarn");
checkWeakGenCRL("x", "-sigalg SHA1withRSA", "SHA1withRSA"); checkWeakGenCRL("x", "-sigalg SHA1withRSA", "SHA1withRSA");
checkWeakGenCRL("y", "", "1024-bit RSA key"); checkWeakGenCRL("y", "", "1024-bit RSA key");
checkWeakGenCRL("z", "", null); checkWeakGenCRL("z", "", "nowarn");
kt("-delete -alias y"); kt("-delete -alias y");
kt("-printcrl -file y.crl") kt("-printcrl -file y.crl")
@ -730,63 +730,114 @@ public class WeakAlg {
String alias, String options, String bad) { String alias, String options, String bad) {
OutputAnalyzer oa = genkeypair(alias, options); OutputAnalyzer oa = genkeypair(alias, options);
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning"); case "nowarn":
} else { oa.shouldNotContain("Warning");
oa.shouldContain("Warning") break;
.shouldMatch("The generated certificate.*" + bad + ".*will be disabled"); case "SHA1withRSA":
oa.shouldContain("Warning")
.shouldMatch("The generated certificate.*" + bad + ".*considered a security risk");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldMatch("The generated certificate.*" + bad + ".*will be disabled");
break;
} }
oa = kt("-exportcert -alias " + alias + " -file " + alias + ".cert"); oa = kt("-exportcert -alias " + alias + " -file " + alias + ".cert");
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning"); case "nowarn":
} else { oa.shouldNotContain("Warning");
oa.shouldContain("Warning") break;
.shouldMatch("The certificate.*" + bad + ".*will be disabled"); case "SHA1withRSA":
oa.shouldContain("Warning")
.shouldMatch("The certificate.*" + bad + ".*considered a security risk");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldMatch("The certificate.*" + bad + ".*will be disabled");
break;
} }
oa = kt("-exportcert -rfc -alias " + alias + " -file " + alias + ".cert"); oa = kt("-exportcert -rfc -alias " + alias + " -file " + alias + ".cert");
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning"); case "nowarn":
} else { oa.shouldNotContain("Warning");
oa.shouldContain("Warning") break;
.shouldMatch("The certificate.*" + bad + ".*will be disabled"); case "SHA1withRSA":
oa.shouldContain("Warning")
.shouldMatch("The certificate.*" + bad + ".*considered a security risk");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldMatch("The certificate.*" + bad + ".*will be disabled");
break;
} }
oa = kt("-printcert -rfc -file " + alias + ".cert"); oa = kt("-printcert -rfc -file " + alias + ".cert");
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning"); case "nowarn":
} else { oa.shouldNotContain("Warning");
oa.shouldContain("Warning") break;
.shouldMatch("The certificate.*" + bad + ".*will be disabled"); case "SHA1withRSA":
oa.shouldContain("Warning")
.shouldMatch("The certificate.*" + bad + ".*considered a security risk");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldMatch("The certificate.*" + bad + ".*will be disabled");
break;
} }
oa = kt("-list -alias " + alias); oa = kt("-list -alias " + alias);
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning"); case "nowarn":
} else { oa.shouldNotContain("Warning");
oa.shouldContain("Warning") break;
.shouldMatch("The certificate.*" + bad + ".*will be disabled"); case "SHA1withRSA":
oa.shouldContain("Warning")
.shouldMatch("The certificate.*" + bad + ".*considered a security risk");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldMatch("The certificate.*" + bad + ".*will be disabled");
break;
} }
// With cert content // With cert content
oa = kt("-printcert -file " + alias + ".cert"); oa = kt("-printcert -file " + alias + ".cert");
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning"); case "nowarn":
} else { oa.shouldNotContain("Warning");
oa.shouldContain("Warning") break;
.shouldContain(bad + " (weak)") case "SHA1withRSA":
.shouldMatch("The certificate.*" + bad + ".*will be disabled"); oa.shouldContain("Warning")
.shouldContain(bad + " (weak)")
.shouldMatch("The certificate.*" + bad + ".*considered a security risk");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldContain(bad + " (weak)")
.shouldMatch("The certificate.*" + bad + ".*will be disabled");
break;
} }
oa = kt("-list -v -alias " + alias); oa = kt("-list -v -alias " + alias);
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning"); case "nowarn":
} else { oa.shouldNotContain("Warning");
oa.shouldContain("Warning") break;
.shouldContain(bad + " (weak)") case "SHA1withRSA":
.shouldMatch("The certificate.*" + bad + ".*will be disabled"); oa.shouldContain("Warning")
.shouldContain(bad + " (weak)")
.shouldMatch("The certificate.*" + bad + ".*considered a security risk");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldContain(bad + " (weak)")
.shouldMatch("The certificate.*" + bad + ".*will be disabled");
break;
} }
} }
@ -795,23 +846,39 @@ public class WeakAlg {
OutputAnalyzer oa = kt("-gencrl -alias " + alias OutputAnalyzer oa = kt("-gencrl -alias " + alias
+ " -id 1 -file " + alias + ".crl " + options); + " -id 1 -file " + alias + ".crl " + options);
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning"); case "nowarn":
} else { oa.shouldNotContain("Warning");
oa.shouldContain("Warning") break;
.shouldMatch("The generated CRL.*" + bad + ".*will be disabled"); case "SHA1withRSA":
oa.shouldContain("Warning")
.shouldMatch("The generated CRL.*" + bad + ".*considered a security risk");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldMatch("The generated CRL.*" + bad + ".*will be disabled");
break;
} }
oa = kt("-printcrl -file " + alias + ".crl"); oa = kt("-printcrl -file " + alias + ".crl");
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning") case "nowarn":
.shouldContain("Verified by " + alias + " in keystore") oa.shouldNotContain("Warning")
.shouldNotContain("(weak"); .shouldContain("Verified by " + alias + " in keystore")
} else { .shouldNotContain("(weak");
oa.shouldContain("Warning:") break;
.shouldMatch("The CRL.*" + bad + ".*will be disabled") case "SHA1withRSA":
.shouldContain("Verified by " + alias + " in keystore") oa.shouldContain("Warning")
.shouldContain(bad + " (weak)"); .shouldMatch("The CRL.*" + bad + ".*considered a security risk")
.shouldContain("Verified by " + alias + " in keystore")
.shouldContain(bad + " (weak)");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldMatch("The CRL.*" + bad + ".*will be disabled")
.shouldContain("Verified by " + alias + " in keystore")
.shouldContain(bad + " (weak)");
break;
} }
} }
@ -819,21 +886,36 @@ public class WeakAlg {
String alias, String options, String bad) { String alias, String options, String bad) {
OutputAnalyzer oa = certreq(alias, options); OutputAnalyzer oa = certreq(alias, options);
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning"); case "nowarn":
} else { oa.shouldNotContain("Warning");
oa.shouldContain("Warning") break;
.shouldMatch("The generated certificate request.*" + bad + ".*will be disabled"); case "SHA1withRSA":
oa.shouldContain("Warning")
.shouldMatch("The generated certificate request.*" + bad + ".*considered a security risk");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldMatch("The generated certificate request.*" + bad + ".*will be disabled");
break;
} }
oa = kt("-printcertreq -file " + alias + ".req"); oa = kt("-printcertreq -file " + alias + ".req");
if (bad == null) { switch (bad) {
oa.shouldNotContain("Warning") case "nowarn":
.shouldNotContain("(weak)"); oa.shouldNotContain("Warning")
} else { .shouldNotContain("(weak)");
oa.shouldContain("Warning") break;
.shouldMatch("The certificate request.*" + bad + ".*will be disabled") case "SHA1withRSA":
.shouldContain(bad + " (weak)"); oa.shouldContain("Warning")
.shouldMatch("The certificate request.*" + bad + ".*considered a security risk")
.shouldContain(bad + " (weak)");
break;
case "1024-bit RSA key":
oa.shouldContain("Warning")
.shouldMatch("The certificate request.*" + bad + ".*will be disabled")
.shouldContain(bad + " (weak)");
break;
} }
} }

94
test/jdk/sun/security/tools/keytool/WeakSecretKeyTest.java Normal file
View file

@ -0,0 +1,94 @@
/*
* Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8255552
* @summary Test keytool commands associated with secret key entries which use weak algorithms
* @library /test/lib
*/
import jdk.test.lib.SecurityTools;
import jdk.test.lib.process.OutputAnalyzer;
import java.nio.file.Files;
import java.nio.file.Paths;
public class WeakSecretKeyTest {
private static final String JAVA_SECURITY_FILE = "java.security";
public static void main(String[] args) throws Exception {
SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
"-genseckey -keyalg DESede -alias des3key")
.shouldContain("Warning")
.shouldMatch("The generated secret key uses the DESede algorithm.*considered a security risk")
.shouldHaveExitValue(0);
SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
"-genseckey -keyalg DES -alias deskey")
.shouldContain("Warning")
.shouldMatch("The generated secret key uses the DES algorithm.*considered a security risk")
.shouldHaveExitValue(0);
SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
"-genseckey -keyalg AES -alias aeskey -keysize 256")
.shouldNotContain("Warning")
.shouldNotMatch("The generated secret key uses the AES algorithm.*considered a security risk")
.shouldHaveExitValue(0);
SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
"-list -v")
.shouldContain("Warning")
.shouldMatch("<des3key> uses the DESede algorithm.*considered a security risk")
.shouldMatch("<deskey> uses the DES algorithm.*considered a security risk")
.shouldNotMatch("<aeskey> uses the AES algorithm.*considered a security risk")
.shouldHaveExitValue(0);
SecurityTools.setResponse("changeit", "changeit");
SecurityTools.keytool("-importkeystore -srckeystore ks.p12 -destkeystore ks.new " +
"-deststoretype pkcs12 -srcstorepass changeit ")
.shouldContain("Warning")
.shouldMatch("<des3key> uses the DESede algorithm.*considered a security risk")
.shouldMatch("<deskey> uses the DES algorithm.*considered a security risk")
.shouldHaveExitValue(0);
SecurityTools.keytool("-keystore ks.new -storepass changeit " +
"-list -v")
.shouldContain("Warning")
.shouldMatch("<des3key> uses the DESede algorithm.*considered a security risk")
.shouldMatch("<deskey> uses the DES algorithm.*considered a security risk")
.shouldHaveExitValue(0);
Files.writeString(Files.createFile(Paths.get(JAVA_SECURITY_FILE)),
"jdk.security.legacyAlgorithms=AES keySize < 256\n");
SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
"-genseckey -keyalg AES -alias aeskey1 -keysize 128 " +
"-J-Djava.security.properties=" +
JAVA_SECURITY_FILE)
.shouldContain("Warning")
.shouldMatch("The generated secret key uses a 128-bit AES key.*considered a security risk")
.shouldHaveExitValue(0);
}
}