archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 07:14:30 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8280494: (D)TLS signature schemes

Browse source 
Reviewed-by: mullan
This commit is contained in:
Xue-Lei Andrew Fan 2022-03-09 16:11:07 +00:00
parent 5df2a05770
commit 6d8d156c97
6 changed files with 509 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

148
src/java.base/share/classes/javax/net/ssl/SSLParameters.java
View file

@ -33,18 +33,20 @@ import java.util.*;
* are the list of ciphersuites to be accepted in an SSL/TLS/DTLS handshake,
* the list of protocols to be allowed, the endpoint identification
* algorithm during SSL/TLS/DTLS handshaking, the Server Name Indication (SNI),
* the maximum network packet size, the algorithm constraints and whether
* SSL/TLS/DTLS servers should request or require client authentication, etc.
* the maximum network packet size, the algorithm constraints, the signature
* schemes and whether SSL/TLS/DTLS servers should request or require client
* authentication, etc.
* <p>
* SSLParameters can be created via the constructors in this class.
* Objects can also be obtained using the {@code getSSLParameters()}
* methods in
* {@code SSLParameter} objects can be created via the constructors in this
* class, and can be described as pre-populated objects. {@code SSLParameter}
* objects can also be obtained using the {@code getSSLParameters()} methods in
* {@link SSLSocket#getSSLParameters SSLSocket} and
* {@link SSLServerSocket#getSSLParameters SSLServerSocket} and
* {@link SSLEngine#getSSLParameters SSLEngine} or the
* {@link SSLContext#getDefaultSSLParameters getDefaultSSLParameters()} and
* {@link SSLContext#getSupportedSSLParameters getSupportedSSLParameters()}
* methods in {@code SSLContext}.
* methods in {@code SSLContext}, and can be described as connection populated
* objects.
* <p>
* SSLParameters can be applied to a connection via the methods
* {@link SSLSocket#setSSLParameters SSLSocket.setSSLParameters()} and
@ -82,16 +84,17 @@ public class SSLParameters {
private boolean enableRetransmissions = true;
private int maximumPacketSize = 0;
private String[] applicationProtocols = new String[0];
private String[] signatureSchemes = null;
/**
* Constructs SSLParameters.
* <p>
* The values of cipherSuites, protocols, cryptographic algorithm
* constraints, endpoint identification algorithm, server names and
* server name matchers are set to {@code null}; useCipherSuitesOrder,
* wantClientAuth and needClientAuth are set to {@code false};
* enableRetransmissions is set to {@code true}; maximum network packet
* size is set to {@code 0}.
* constraints, endpoint identification algorithm, signature schemes,
* server names and server name matchers are set to {@code null};
* useCipherSuitesOrder, wantClientAuth and needClientAuth are set
* to {@code false}; enableRetransmissions is set to {@code true};
* maximum network packet size is set to {@code 0}.
*/
public SSLParameters() {
// empty
@ -367,7 +370,7 @@ public class SSLParameters {
* <P>
* It is recommended that providers initialize default Server Name
* Indications when creating {@code SSLSocket}/{@code SSLEngine}s.
* In the following examples, the server name could be represented by an
* In the following examples, the server name may be represented by an
* instance of {@link SNIHostName} which has been initialized with the
* hostname "www.example.com" and type
* {@link StandardConstants#SNI_HOST_NAME}.
@ -686,4 +689,125 @@ public class SSLParameters {
}
applicationProtocols = tempProtocols;
}
/**
* Returns a prioritized array of signature scheme names that can be used
* over the SSL/TLS/DTLS protocols.
* <p>
* Note that the standard list of signature scheme names are defined in
* the <a href=
* "{@docRoot}/../specs/security/standard-names.html#signature-schemes">
* Signature Schemes</a> section of the Java Security Standard Algorithm
* Names Specification. Providers may support signature schemes not defined
* in this list or may not use the recommended name for a certain
* signature scheme.
* <p>
* The set of signature schemes that will be used over the SSL/TLS/DTLS
* connections is determined by the returned array of this method and the
* underlying provider-specific default signature schemes.
* <p>
* If the returned array is {@code null}, then the underlying
* provider-specific default signature schemes will be used over the
* SSL/TLS/DTLS connections.
* <p>
* If the returned array is empty (zero-length), then the signature scheme
* negotiation mechanism is turned off for SSL/TLS/DTLS protocols, and
* the connections may not be able to be established if the negotiation
* mechanism is required by a certain SSL/TLS/DTLS protocol. This
* parameter will override the underlying provider-specific default
* signature schemes.
* <p>
* If the returned array is not {@code null} or empty (zero-length),
* then the signature schemes in the returned array will be used over
* the SSL/TLS/DTLS connections. This parameter will override the
* underlying provider-specific default signature schemes.
* <p>
* This method returns the most recent value passed to
* {@link #setSignatureSchemes} if that method has been called and
* otherwise returns the default signature schemes for connection
* populated objects, or {@code null} for pre-populated objects.
*
* @apiNote
* Note that a provider may not have been updated to support this method
* and in that case may return {@code null} instead of the default
* signature schemes for connection populated objects.
*
* @implNote
* The SunJSSE provider supports this method.
*
* @implNote
* Note that applications may use the
* {@systemProperty jdk.tls.client.SignatureSchemes} and/or
* {@systemProperty jdk.tls.server.SignatureSchemes} system properties
* with the SunJSSE provider to override the provider-specific default
* signature schemes.
*
* @return an array of signature scheme {@code Strings} or {@code null} if
* none have been set. For non-null returns, this method will
* return a new array each time it is invoked. The array is
* ordered based on signature scheme preference, with the first
* entry being the most preferred. Providers should ignore unknown
* signature scheme names while establishing the SSL/TLS/DTLS
* connections.
* @see #setSignatureSchemes
*
* @since 19
*/
public String[] getSignatureSchemes() {
return clone(signatureSchemes);
}
/**
* Sets the prioritized array of signature scheme names that
* can be used over the SSL/TLS/DTLS protocols.
* <p>
* Note that the standard list of signature scheme names are defined in
* the <a href=
* "{@docRoot}/../specs/security/standard-names.html#signature-schemes">
* Signature Schemes</a> section of the Java Security Standard Algorithm
* Names Specification. Providers may support signature schemes not
* defined in this list or may not use the recommended name for a certain
* signature scheme.
* <p>
* The set of signature schemes that will be used over the SSL/TLS/DTLS
* connections is determined by the input parameter {@code signatureSchemes}
* array and the underlying provider-specific default signature schemes.
* See {@link #getSignatureSchemes} for specific details on how the
* parameters are used in SSL/TLS/DTLS connections.
*
* @apiNote
* Note that a provider may not have been updated to support this method
* and in that case may ignore the schemes that are set.
*
* @implNote
* The SunJSSE provider supports this method.
*
* @param signatureSchemes an ordered array of signature scheme names with
* the first entry being the most preferred, or {@code null}. This
* method will make a copy of this array. Providers should ignore
* unknown signature scheme names while establishing the
* SSL/TLS/DTLS connections.
* @throws IllegalArgumentException if any element in the
* {@code signatureSchemes} array is {@code null} or
* {@linkplain String#isBlank() blank}.
*
* @see #getSignatureSchemes
*
* @since 19
*/
public void setSignatureSchemes(String[] signatureSchemes) {
String[] tempSchemes = null;
if (signatureSchemes != null) {
tempSchemes = signatureSchemes.clone();
for (String scheme : tempSchemes) {
if (scheme == null || scheme.isBlank()) {
throw new IllegalArgumentException(
"An element of signatureSchemes is null or blank");
}
}
}
this.signatureSchemes = tempSchemes;
}
}

70
src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,11 +29,7 @@ import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.AlgorithmConstraints;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.*;
import java.util.function.BiFunction;
import javax.crypto.KeyGenerator;
import javax.net.ssl.HandshakeCompletedListener;
@ -66,7 +62,7 @@ final class SSLConfiguration implements Cloneable {
// The configured signature schemes for "signature_algorithms" and
// "signature_algorithms_cert" extensions
List<SignatureScheme> signatureSchemes;
String[] signatureSchemes;
// the maximum protocol version of enabled protocols
ProtocolVersion maximumProtocolVersion;
@ -204,6 +200,7 @@ final class SSLConfiguration implements Cloneable {
params.setUseCipherSuitesOrder(this.preferLocalCipherSuites);
params.setEnableRetransmissions(this.enableRetransmissions);
params.setMaximumPacketSize(this.maximumPacketSize);
params.setSignatureSchemes(this.signatureSchemes);
return params;
}
@ -261,6 +258,13 @@ final class SSLConfiguration implements Cloneable {
this.applicationProtocols = sa;
} // otherwise, use the default values
String[] ss = params.getSignatureSchemes();
if (ss != null) {
// Note if 'ss' is empty, then no signature schemes should be
// specified over the connections.
this.signatureSchemes = ss;
} // Otherwise, use the default values
this.preferLocalCipherSuites = params.getUseCipherSuitesOrder();
this.enableRetransmissions = params.getEnableRetransmissions();
this.maximumPacketSize = params.getMaximumPacketSize();
@ -403,10 +407,15 @@ final class SSLConfiguration implements Cloneable {
void toggleClientMode() {
this.isClientMode ^= true;
// reset the signature schemes
this.signatureSchemes = isClientMode ?
CustomizedClientSignatureSchemes.signatureSchemes :
CustomizedServerSignatureSchemes.signatureSchemes;
// Reset the signature schemes, if it was configured with SSLParameters.
if (Arrays.equals(signatureSchemes,
CustomizedClientSignatureSchemes.signatureSchemes) ||
Arrays.equals(signatureSchemes,
CustomizedServerSignatureSchemes.signatureSchemes)) {
this.signatureSchemes = isClientMode ?
CustomizedClientSignatureSchemes.signatureSchemes :
CustomizedServerSignatureSchemes.signatureSchemes;
}
}
@Override
@ -434,7 +443,7 @@ final class SSLConfiguration implements Cloneable {
//
// See Effective Java Second Edition: Item 71.
private static final class CustomizedClientSignatureSchemes {
private static final List<SignatureScheme> signatureSchemes =
private static final String[] signatureSchemes =
getCustomizedSignatureScheme("jdk.tls.client.SignatureSchemes");
}
@ -442,7 +451,7 @@ final class SSLConfiguration implements Cloneable {
//
// See Effective Java Second Edition: Item 71.
private static final class CustomizedServerSignatureSchemes {
private static final List<SignatureScheme> signatureSchemes =
private static final String[] signatureSchemes =
getCustomizedSignatureScheme("jdk.tls.server.SignatureSchemes");
}
@ -450,14 +459,12 @@ final class SSLConfiguration implements Cloneable {
* Get the customized signature schemes specified by the given
* system property.
*/
private static List<SignatureScheme> getCustomizedSignatureScheme(
String propertyName) {
private static String[] getCustomizedSignatureScheme(String propertyName) {
String property = GetPropertyAction.privilegedGetProperty(propertyName);
if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
SSLLogger.fine(
"System property " + propertyName + " is set to '" +
property + "'");
property + "'");
}
if (property != null && !property.isEmpty()) {
// remove double quote marks from beginning/end of the property
@ -469,31 +476,34 @@ final class SSLConfiguration implements Cloneable {
if (property != null && !property.isEmpty()) {
String[] signatureSchemeNames = property.split(",");
List<SignatureScheme> signatureSchemes =
new ArrayList<>(signatureSchemeNames.length);
for (int i = 0; i < signatureSchemeNames.length; i++) {
signatureSchemeNames[i] = signatureSchemeNames[i].trim();
if (signatureSchemeNames[i].isEmpty()) {
List<String> signatureSchemes =
new ArrayList<>(signatureSchemeNames.length);
for (String schemeName : signatureSchemeNames) {
schemeName = schemeName.trim();
if (schemeName.isEmpty()) {
continue;
}
SignatureScheme scheme =
SignatureScheme.nameOf(signatureSchemeNames[i]);
// Check the availability
SignatureScheme scheme = SignatureScheme.nameOf(schemeName);
if (scheme != null && scheme.isAvailable) {
signatureSchemes.add(scheme);
signatureSchemes.add(schemeName);
} else {
if (SSLLogger.isOn && SSLLogger.isOn("ssl,sslctx")) {
SSLLogger.fine(
"The current installed providers do not " +
"support signature scheme: " +
signatureSchemeNames[i]);
"The current installed providers do not " +
"support signature scheme: " + schemeName);
}
}
}
return signatureSchemes;
if (!signatureSchemes.isEmpty()) {
return signatureSchemes.toArray(new String[0]);
}
}
return Collections.emptyList();
// Note that if the System Property value is not defined (JDK
// default value) or empty, the provider-specific default is used.
return null;
}
}

54
src/java.base/share/classes/sun/security/ssl/SignatureScheme.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -181,7 +181,7 @@ enum SignatureScheme {
"anonymous", "rsa", "dsa", "ecdsa",
};
static enum SigAlgParamSpec { // support RSASSA-PSS only now
enum SigAlgParamSpec { // support RSASSA-PSS only now
RSA_PSS_SHA256 ("SHA-256", 32),
RSA_PSS_SHA384 ("SHA-384", 48),
RSA_PSS_SHA512 ("SHA-512", 64);
@ -224,13 +224,13 @@ enum SignatureScheme {
Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.SIGNATURE));
private SignatureScheme(int id, String name,
SignatureScheme(int id, String name,
String algorithm, String keyAlgorithm,
ProtocolVersion[] supportedProtocols) {
this(id, name, algorithm, keyAlgorithm, -1, supportedProtocols);
}
private SignatureScheme(int id, String name,
SignatureScheme(int id, String name,
String algorithm, String keyAlgorithm,
int minimalKeySize,
ProtocolVersion[] supportedProtocols) {
@ -238,7 +238,7 @@ enum SignatureScheme {
null, minimalKeySize, supportedProtocols);
}
private SignatureScheme(int id, String name,
SignatureScheme(int id, String name,
String algorithm, String keyAlgorithm,
SigAlgParamSpec signAlgParamSpec, int minimalKeySize,
ProtocolVersion[] supportedProtocols) {
@ -247,7 +247,7 @@ enum SignatureScheme {
supportedProtocols, supportedProtocols);
}
private SignatureScheme(int id, String name,
SignatureScheme(int id, String name,
String algorithm, String keyAlgorithm,
NamedGroup namedGroup,
ProtocolVersion[] supportedProtocols) {
@ -256,7 +256,7 @@ enum SignatureScheme {
supportedProtocols, supportedProtocols);
}
private SignatureScheme(int id, String name,
SignatureScheme(int id, String name,
String algorithm, String keyAlgorithm,
SigAlgParamSpec signAlgParams,
NamedGroup namedGroup, int minimalKeySize,
@ -376,15 +376,10 @@ enum SignatureScheme {
List<ProtocolVersion> activeProtocols) {
List<SignatureScheme> supported = new LinkedList<>();
// If config.signatureSchemes is non-empty then it means that
// it was defined by a System property. Per
// SSLConfiguration.getCustomizedSignatureScheme() the list will
// only contain schemes that are in the enum.
// Otherwise, use the enum constants (converted to a List).
List<SignatureScheme> schemesToCheck =
config.signatureSchemes.isEmpty() ?
config.signatureSchemes == null ?
Arrays.asList(SignatureScheme.values()) :
config.signatureSchemes;
namesOfAvailable(config.signatureSchemes);
for (SignatureScheme ss: schemesToCheck) {
if (!ss.isAvailable) {
@ -437,8 +432,8 @@ enum SignatureScheme {
}
} else if (ss.isAvailable &&
ss.supportedProtocols.contains(protocolVersion) &&
(config.signatureSchemes.isEmpty() ||
config.signatureSchemes.contains(ss)) &&
(config.signatureSchemes == null ||
Utilities.contains(config.signatureSchemes, ss.name)) &&
ss.isPermitted(constraints)) {
supported.add(ss);
} else {
@ -563,6 +558,33 @@ enum SignatureScheme {
return new String[0];
}
private static List<SignatureScheme> namesOfAvailable(
String[] signatureSchemes) {
if (signatureSchemes == null || signatureSchemes.length == 0) {
return Collections.emptyList();
}
List<SignatureScheme> sss = new ArrayList<>(signatureSchemes.length);
for (String ss : signatureSchemes) {
SignatureScheme scheme = SignatureScheme.nameOf(ss);
if (scheme == null || !scheme.isAvailable) {
if (SSLLogger.isOn &&
SSLLogger.isOn("ssl,handshake,verbose")) {
SSLLogger.finest(
"Ignore the signature algorithm (" + ss
+ "), unsupported or unavailable");
}
continue;
}
sss.add(scheme);
}
return sss;
}
// This method is used to get the signature instance of this signature
// scheme for the specific public key. Unlike getSigner(), the exception
// is bubbled up. If the public key does not support this signature

12
src/java.base/share/classes/sun/security/ssl/Utilities.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2012, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2012, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -229,6 +229,16 @@ final class Utilities {
}
}
static <T> boolean contains(T[] array, T item) {
for (T t : array) {
if (item.equals(t)) {
return true;
}
}
return false;
}
private static void swap(byte[] arr, int i, int j) {
byte tmp = arr[i];
arr[i] = arr[j];