stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8279164: Disable TLS_ECDH_* cipher suites

Browse Source 
Reviewed-by: xuelei, rhalade, wetmore
This commit is contained in:
Sean Mullan 2022-11-07 14:07:10 +00:00
parent d634ddefdd
commit 00d22f605d
4 changed files with 45 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/java.base/share/conf/security/java.security
View File

@ -746,7 +746,8 @@ http.auth.digest.disabledAlgorithms = MD5, SHA-1
# jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048, \
# rsa_pkcs1_sha1, secp224r1
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, DTLSv1.0, RC4, DES, \
MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL
MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
ECDH
#
# Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)

4
test/jdk/javax/net/ssl/DTLS/CipherSuite.java
View File

@ -43,10 +43,10 @@
* @run main/othervm CipherSuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* @run main/othervm CipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* @run main/othervm CipherSuite TLS_RSA_WITH_AES_128_GCM_SHA256
* @run main/othervm CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
* @run main/othervm CipherSuite TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 re-enable
* @run main/othervm CipherSuite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
* @run main/othervm CipherSuite TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
* @run main/othervm CipherSuite TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
* @run main/othervm CipherSuite TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 re-enable
*/
import javax.net.ssl.SSLEngine;

36
test/jdk/javax/net/ssl/ciphersuites/DisabledAlgorithms.java
View File

@ -23,7 +23,7 @@
/*
* @test
* @bug 8076221 8211883 8163327
* @bug 8076221 8211883 8163327 8279164
* @summary Check if weak cipher suites are disabled
* @modules jdk.crypto.ec
* @run main/othervm DisabledAlgorithms default
@ -60,9 +60,8 @@ public class DisabledAlgorithms {
System.getProperty("test.src", "./") + "/" + pathToStores +
"/" + trustStoreFile;
// supported 3DES, DES, RC4, NULL, and anon cipher suites
// it does not contain KRB5 cipher suites because they need a KDC
private static final String[] desede_des_rc4_null_anon_ciphersuites
// disabled 3DES, DES, RC4, NULL, anon, and ECDH cipher suites
private static final String[] disabled_ciphersuites
= new String[] {
"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
"TLS_ECDHE_RSA_WITH_RC4_128_SHA",
@ -109,7 +108,19 @@ public class DisabledAlgorithms {
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_RSA_WITH_3DES_EDE_CBC_SHA"
"SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
};
public static void main(String[] args) throws Exception {
@ -128,9 +139,8 @@ public class DisabledAlgorithms {
System.out.println("jdk.tls.disabledAlgorithms = "
+ Security.getProperty("jdk.tls.disabledAlgorithms"));
// check if 3DES, DES, RC4, NULL, and anon cipher suites
// can't be used by default
checkFailure(desede_des_rc4_null_anon_ciphersuites);
// check that disabled cipher suites can't be used by default
checkFailure(disabled_ciphersuites);
break;
case "empty":
// reset jdk.tls.disabledAlgorithms
@ -144,9 +154,9 @@ public class DisabledAlgorithms {
System.out.println("jdk.certpath.disabledAlgorithms = "
+ Security.getProperty("jdk.certpath.disabledAlgorithms"));
// check if 3DES, DES, RC4, NULL, and anon cipher suites
// can be used if jdk.{tls,certpath}.disabledAlgorithms is empty
checkSuccess(desede_des_rc4_null_anon_ciphersuites);
// check that disabled cipher suites can be used if
// jdk.{tls,certpath}.disabledAlgorithms is empty
checkSuccess(disabled_ciphersuites);
break;
default:
throw new RuntimeException("Wrong parameter: " + args[0]);
@ -172,11 +182,12 @@ public class DisabledAlgorithms {
throw new RuntimeException("Expected SSLHandshakeException "
+ "not thrown");
} catch (SSLHandshakeException e) {
System.out.println("Expected exception on client side: "
System.out.println("Got expected exception on client side: "
+ e);
}
}
server.stop();
while (server.isRunning()) {
sleep();
}
@ -272,7 +283,6 @@ public class DisabledAlgorithms {
} catch (SSLHandshakeException e) {
System.out.println("Server: run: " + e);
sslError = true;
stopped = true;
} catch (IOException e) {
if (!stopped) {
System.out.println("Server: run: unexpected exception: "

96
test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2002, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -23,7 +23,7 @@
/*
* @test
* @bug 4750141 4895631 8217579 8163326
* @bug 4750141 4895631 8217579 8163326 8279164
* @summary Check enabled and supported ciphersuites are correct
* @run main/othervm CheckCipherSuites default
* @run main/othervm CheckCipherSuites limited
@ -50,54 +50,38 @@ public class CheckCipherSuites {
// Not suite B, but we want it to position the suite early
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
// AES_256(GCM) - ECDHE - forward screcy
// AES_256(GCM) - ECDHE - forward secrecy
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
// AES_128(GCM) - ECDHE - forward screcy
// AES_128(GCM) - ECDHE - forward secrecy
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
// AES_256(GCM) - DHE - forward screcy
// AES_256(GCM) - DHE - forward secrecy
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
// AES_128(GCM) - DHE - forward screcy
// AES_128(GCM) - DHE - forward secrecy
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
// AES_256(CBC) - ECDHE - forward screcy
// AES_256(CBC) - ECDHE - forward secrecy
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
// AES_256(CBC) - ECDHE - forward screcy
// AES_256(CBC) - ECDHE - forward secrecy
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
// AES_256(CBC) - DHE - forward screcy
// AES_256(CBC) - DHE - forward secrecy
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
// AES_128(CBC) - DHE - forward screcy
// AES_128(CBC) - DHE - forward secrecy
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
// AES_256(GCM) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
// AES_128(GCM) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
// AES_256(CBC) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
// AES_128(CBC) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
// AES_256(CBC) - ECDHE - using SHA
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
@ -114,14 +98,6 @@ public class CheckCipherSuites {
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
// AES_256(CBC) - using SHA, not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
// AES_128(CBC) - using SHA, not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
// deprecated
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
@ -144,16 +120,10 @@ public class CheckCipherSuites {
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA",
@ -175,54 +145,38 @@ public class CheckCipherSuites {
// Not suite B, but we want it to position the suite early
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
// AES_256(GCM) - ECDHE - forward screcy
// AES_256(GCM) - ECDHE - forward secrecy
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
// AES_128(GCM) - ECDHE - forward screcy
// AES_128(GCM) - ECDHE - forward secrecy
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
// AES_256(GCM) - DHE - forward screcy
// AES_256(GCM) - DHE - forward secrecy
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
// AES_128(GCM) - DHE - forward screcy
// AES_128(GCM) - DHE - forward secrecy
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
// AES_256(CBC) - ECDHE - forward screcy
// AES_256(CBC) - ECDHE - forward secrecy
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
// AES_256(CBC) - ECDHE - forward screcy
// AES_256(CBC) - ECDHE - forward secrecy
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
// AES_256(CBC) - DHE - forward screcy
// AES_256(CBC) - DHE - forward secrecy
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
// AES_128(CBC) - DHE - forward screcy
// AES_128(CBC) - DHE - forward secrecy
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
// AES_256(GCM) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
// AES_128(GCM) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
// AES_256(CBC) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
// AES_128(CBC) - not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
// AES_256(CBC) - ECDHE - using SHA
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
@ -239,14 +193,6 @@ public class CheckCipherSuites {
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
// AES_256(CBC) - using SHA, not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
// AES_128(CBC) - using SHA, not forward screcy
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
// deprecated
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
@ -269,16 +215,10 @@ public class CheckCipherSuites {
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA",