stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8043201: Deprecate RC4 in SunJSSE provider

Browse Source 
Reviewed-by: xuelei, ahgross
This commit is contained in:
Artem Smotrakov 2015-03-02 12:56:22 -08:00
parent e973af73a3
commit 5f7a2dfec6
9 changed files with 690 additions and 388 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

220
jdk/src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java
View File

@ -34,9 +34,9 @@ import javax.net.ssl.*;
import java.security.Key;
import java.util.Set;
import java.util.HashSet;
import sun.security.util.DisabledAlgorithmConstraints;
import static sun.security.util.DisabledAlgorithmConstraints.*;
import sun.security.ssl.CipherSuite.*;
/**
@ -46,10 +46,15 @@ import sun.security.ssl.CipherSuite.*;
* for the syntax of the disabled algorithm string.
*/
final class SSLAlgorithmConstraints implements AlgorithmConstraints {
private final static AlgorithmConstraints tlsDisabledAlgConstraints =
new TLSDisabledAlgConstraints();
new DisabledAlgorithmConstraints(PROPERTY_TLS_DISABLED_ALGS,
new SSLAlgorithmDecomposer());
private final static AlgorithmConstraints x509DisabledAlgConstraints =
new X509DisabledAlgConstraints();
new DisabledAlgorithmConstraints(PROPERTY_CERTPATH_DISABLED_ALGS,
new SSLAlgorithmDecomposer(true));
private AlgorithmConstraints userAlgConstraints = null;
private AlgorithmConstraints peerAlgConstraints = null;
@ -266,213 +271,4 @@ final class SSLAlgorithmConstraints implements AlgorithmConstraints {
return permits(primitives, algorithm, parameters);
}
}
static private class BasicDisabledAlgConstraints
extends DisabledAlgorithmConstraints {
BasicDisabledAlgConstraints(String propertyName) {
super(propertyName);
}
protected Set<String> decomposes(KeyExchange keyExchange,
boolean forCertPathOnly) {
Set<String> components = new HashSet<>();
switch (keyExchange) {
case K_NULL:
if (!forCertPathOnly) {
components.add("NULL");
}
break;
case K_RSA:
components.add("RSA");
break;
case K_RSA_EXPORT:
components.add("RSA");
components.add("RSA_EXPORT");
break;
case K_DH_RSA:
components.add("RSA");
components.add("DH");
components.add("DiffieHellman");
components.add("DH_RSA");
break;
case K_DH_DSS:
components.add("DSA");
components.add("DSS");
components.add("DH");
components.add("DiffieHellman");
components.add("DH_DSS");
break;
case K_DHE_DSS:
components.add("DSA");
components.add("DSS");
components.add("DH");
components.add("DHE");
components.add("DiffieHellman");
components.add("DHE_DSS");
break;
case K_DHE_RSA:
components.add("RSA");
components.add("DH");
components.add("DHE");
components.add("DiffieHellman");
components.add("DHE_RSA");
break;
case K_DH_ANON:
if (!forCertPathOnly) {
components.add("ANON");
components.add("DH");
components.add("DiffieHellman");
components.add("DH_ANON");
}
break;
case K_ECDH_ECDSA:
components.add("ECDH");
components.add("ECDSA");
components.add("ECDH_ECDSA");
break;
case K_ECDH_RSA:
components.add("ECDH");
components.add("RSA");
components.add("ECDH_RSA");
break;
case K_ECDHE_ECDSA:
components.add("ECDHE");
components.add("ECDSA");
components.add("ECDHE_ECDSA");
break;
case K_ECDHE_RSA:
components.add("ECDHE");
components.add("RSA");
components.add("ECDHE_RSA");
break;
case K_ECDH_ANON:
if (!forCertPathOnly) {
components.add("ECDH");
components.add("ANON");
components.add("ECDH_ANON");
}
break;
default:
if (ClientKeyExchangeService.find(keyExchange.name) != null) {
if (!forCertPathOnly) {
components.add(keyExchange.name);
}
}
// otherwise ignore
}
return components;
}
protected Set<String> decomposes(BulkCipher bulkCipher) {
Set<String> components = new HashSet<>();
if (bulkCipher.transformation != null) {
components.addAll(super.decomposes(bulkCipher.transformation));
}
return components;
}
protected Set<String> decomposes(MacAlg macAlg) {
Set<String> components = new HashSet<>();
if (macAlg == CipherSuite.MacAlg.M_MD5) {
components.add("MD5");
components.add("HmacMD5");
} else if (macAlg == CipherSuite.MacAlg.M_SHA) {
components.add("SHA1");
components.add("SHA-1");
components.add("HmacSHA1");
} else if (macAlg == CipherSuite.MacAlg.M_SHA256) {
components.add("SHA256");
components.add("SHA-256");
components.add("HmacSHA256");
} else if (macAlg == CipherSuite.MacAlg.M_SHA384) {
components.add("SHA384");
components.add("SHA-384");
components.add("HmacSHA384");
}
return components;
}
}
static private class TLSDisabledAlgConstraints
extends BasicDisabledAlgConstraints {
TLSDisabledAlgConstraints() {
super(DisabledAlgorithmConstraints.PROPERTY_TLS_DISABLED_ALGS);
}
@Override
protected Set<String> decomposes(String algorithm) {
if (algorithm.startsWith("SSL_") || algorithm.startsWith("TLS_")) {
CipherSuite cipherSuite = null;
try {
cipherSuite = CipherSuite.valueOf(algorithm);
} catch (IllegalArgumentException iae) {
// ignore: unknown or unsupported ciphersuite
}
if (cipherSuite != null) {
Set<String> components = new HashSet<>();
if(cipherSuite.keyExchange != null) {
components.addAll(
decomposes(cipherSuite.keyExchange, false));
}
if (cipherSuite.cipher != null) {
components.addAll(decomposes(cipherSuite.cipher));
}
if (cipherSuite.macAlg != null) {
components.addAll(decomposes(cipherSuite.macAlg));
}
return components;
}
}
return super.decomposes(algorithm);
}
}
static private class X509DisabledAlgConstraints
extends BasicDisabledAlgConstraints {
X509DisabledAlgConstraints() {
super(DisabledAlgorithmConstraints.PROPERTY_CERTPATH_DISABLED_ALGS);
}
@Override
protected Set<String> decomposes(String algorithm) {
if (algorithm.startsWith("SSL_") || algorithm.startsWith("TLS_")) {
CipherSuite cipherSuite = null;
try {
cipherSuite = CipherSuite.valueOf(algorithm);
} catch (IllegalArgumentException iae) {
// ignore: unknown or unsupported ciphersuite
}
if (cipherSuite != null) {
Set<String> components = new HashSet<>();
if(cipherSuite.keyExchange != null) {
components.addAll(
decomposes(cipherSuite.keyExchange, true));
}
// Certification path algorithm constraints do not apply
// to cipherSuite.cipher and cipherSuite.macAlg.
return components;
}
}
return super.decomposes(algorithm);
}
}
}

258
jdk/src/java.base/share/classes/sun/security/ssl/SSLAlgorithmDecomposer.java Normal file
View File

@ -0,0 +1,258 @@
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.ssl;
import java.util.HashSet;
import java.util.Set;
import sun.security.util.AlgorithmDecomposer;
import static sun.security.ssl.CipherSuite.*;
import static sun.security.ssl.CipherSuite.KeyExchange.*;
/**
* The class decomposes standard SSL/TLS cipher suites into sub-elements.
*/
class SSLAlgorithmDecomposer extends AlgorithmDecomposer {
// indicates that only certification path algorithms need to be used
private final boolean onlyX509;
SSLAlgorithmDecomposer(boolean onlyX509) {
this.onlyX509 = onlyX509;
}
SSLAlgorithmDecomposer() {
this(false);
}
private Set<String> decomposes(CipherSuite.KeyExchange keyExchange) {
Set<String> components = new HashSet<>();
switch (keyExchange) {
case K_NULL:
if (!onlyX509) {
components.add("K_NULL");
}
break;
case K_RSA:
components.add("RSA");
break;
case K_RSA_EXPORT:
components.add("RSA");
components.add("RSA_EXPORT");
break;
case K_DH_RSA:
components.add("RSA");
components.add("DH");
components.add("DiffieHellman");
components.add("DH_RSA");
break;
case K_DH_DSS:
components.add("DSA");
components.add("DSS");
components.add("DH");
components.add("DiffieHellman");
components.add("DH_DSS");
break;
case K_DHE_DSS:
components.add("DSA");
components.add("DSS");
components.add("DH");
components.add("DHE");
components.add("DiffieHellman");
components.add("DHE_DSS");
break;
case K_DHE_RSA:
components.add("RSA");
components.add("DH");
components.add("DHE");
components.add("DiffieHellman");
components.add("DHE_RSA");
break;
case K_DH_ANON:
if (!onlyX509) {
components.add("ANON");
components.add("DH");
components.add("DiffieHellman");
components.add("DH_ANON");
}
break;
case K_ECDH_ECDSA:
components.add("ECDH");
components.add("ECDSA");
components.add("ECDH_ECDSA");
break;
case K_ECDH_RSA:
components.add("ECDH");
components.add("RSA");
components.add("ECDH_RSA");
break;
case K_ECDHE_ECDSA:
components.add("ECDHE");
components.add("ECDSA");
components.add("ECDHE_ECDSA");
break;
case K_ECDHE_RSA:
components.add("ECDHE");
components.add("RSA");
components.add("ECDHE_RSA");
break;
case K_ECDH_ANON:
if (!onlyX509) {
components.add("ECDH");
components.add("ANON");
components.add("ECDH_ANON");
}
break;
default:
if (ClientKeyExchangeService.find(keyExchange.name) != null) {
if (!onlyX509) {
components.add(keyExchange.name);
}
}
// otherwise ignore
}
return components;
}
private Set<String> decomposes(CipherSuite.BulkCipher bulkCipher) {
Set<String> components = new HashSet<>();
if (bulkCipher.transformation != null) {
components.addAll(super.decompose(bulkCipher.transformation));
}
switch (bulkCipher) {
case B_NULL:
components.add("C_NULL");
break;
case B_RC2_40:
components.add("RC2_CBC_40");
break;
case B_RC4_40:
components.add("RC4_40");
break;
case B_RC4_128:
components.add("RC4_128");
break;
case B_DES_40:
components.add("DES40_CBC");
components.add("DES_CBC_40");
break;
case B_DES:
components.add("DES_CBC");
break;
case B_3DES:
components.add("3DES_EDE_CBC");
break;
case B_AES_128:
components.add("AES_128_CBC");
break;
case B_AES_256:
components.add("AES_256_CBC");
break;
case B_AES_128_GCM:
components.add("AES_128_GCM");
break;
case B_AES_256_GCM:
components.add("AES_256_GCM");
break;
}
return components;
}
private Set<String> decomposes(CipherSuite.MacAlg macAlg,
BulkCipher cipher) {
Set<String> components = new HashSet<>();
if (macAlg == CipherSuite.MacAlg.M_NULL
&& cipher.cipherType != CipherType.AEAD_CIPHER) {
components.add("M_NULL");
} else if (macAlg == CipherSuite.MacAlg.M_MD5) {
components.add("MD5");
components.add("HmacMD5");
} else if (macAlg == CipherSuite.MacAlg.M_SHA) {
components.add("SHA1");
components.add("SHA-1");
components.add("HmacSHA1");
} else if (macAlg == CipherSuite.MacAlg.M_SHA256) {
components.add("SHA256");
components.add("SHA-256");
components.add("HmacSHA256");
} else if (macAlg == CipherSuite.MacAlg.M_SHA384) {
components.add("SHA384");
components.add("SHA-384");
components.add("HmacSHA384");
}
return components;
}
private Set<String> decompose(KeyExchange keyExchange, BulkCipher cipher,
MacAlg macAlg) {
Set<String> components = new HashSet<>();
if (keyExchange != null) {
components.addAll(decomposes(keyExchange));
}
if (onlyX509) {
// Certification path algorithm constraints do not apply
// to cipher and macAlg.
return components;
}
if (cipher != null) {
components.addAll(decomposes(cipher));
}
if (macAlg != null) {
components.addAll(decomposes(macAlg, cipher));
}
return components;
}
@Override
public Set<String> decompose(String algorithm) {
if (algorithm.startsWith("SSL_") || algorithm.startsWith("TLS_")) {
CipherSuite cipherSuite = null;
try {
cipherSuite = CipherSuite.valueOf(algorithm);
} catch (IllegalArgumentException iae) {
// ignore: unknown or unsupported ciphersuite
}
if (cipherSuite != null) {
return decompose(cipherSuite.keyExchange, cipherSuite.cipher,
cipherSuite.macAlg);
}
}
return super.decompose(algorithm);
}
}

23
jdk/src/java.base/share/classes/sun/security/ssl/ServerHandshaker.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -39,6 +39,7 @@ import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.*;
import sun.security.util.KeyUtil;
import sun.security.util.LegacyAlgorithmConstraints;
import sun.security.action.GetPropertyAction;
import sun.security.ssl.HandshakeMessage.*;
import sun.security.ssl.CipherSuite.*;
@ -104,6 +105,12 @@ final class ServerHandshaker extends Handshaker {
// The customized ephemeral DH key size for non-exportable cipher suites.
private static final int customizedDHKeySize;
// legacy algorithm constraints
private static final AlgorithmConstraints legacyAlgorithmConstraints =
new LegacyAlgorithmConstraints(
LegacyAlgorithmConstraints.PROPERTY_TLS_LEGACY_ALGS,
new SSLAlgorithmDecomposer());
static {
String property = AccessController.doPrivileged(
new GetPropertyAction("jdk.tls.ephemeralDHKeySize"));
@ -1055,6 +1062,7 @@ final class ServerHandshaker extends Handshaker {
proposed = getActiveCipherSuites();
}
List<CipherSuite> legacySuites = new ArrayList<>();
for (CipherSuite suite : prefered.collection()) {
if (isNegotiable(proposed, suite) == false) {
continue;
@ -1066,11 +1074,24 @@ final class ServerHandshaker extends Handshaker {
continue;
}
}
if (!legacyAlgorithmConstraints.permits(null, suite.name, null)) {
legacySuites.add(suite);
continue;
}
if (trySetCipherSuite(suite) == false) {
continue;
}
return;
}
for (CipherSuite suite : legacySuites) {
if (trySetCipherSuite(suite)) {
return;
}
}
fatalSE(Alerts.alert_handshake_failure, "no cipher suites in common");
}

119
jdk/src/java.base/share/classes/sun/security/util/AbstractAlgorithmConstraints.java Normal file
View File

@ -0,0 +1,119 @@
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.security.AccessController;
import java.security.AlgorithmConstraints;
import java.security.PrivilegedAction;
import java.security.Security;
import java.util.Map;
import java.util.Set;
/**
* The class contains common functionality for algorithm constraints classes.
*/
public abstract class AbstractAlgorithmConstraints
implements AlgorithmConstraints {
protected final AlgorithmDecomposer decomposer;
protected AbstractAlgorithmConstraints(AlgorithmDecomposer decomposer) {
this.decomposer = decomposer;
}
// Get algorithm constraints from the specified security property.
private static void loadAlgorithmsMap(Map<String, String[]> algorithmsMap,
String propertyName) {
String property = AccessController.doPrivileged(
(PrivilegedAction<String>) () -> Security.getProperty(
propertyName));
String[] algorithmsInProperty = null;
if (property != null && !property.isEmpty()) {
// remove double quote marks from beginning/end of the property
if (property.charAt(0) == '"'
&& property.charAt(property.length() - 1) == '"') {
property = property.substring(1, property.length() - 1);
}
algorithmsInProperty = property.split(",");
for (int i = 0; i < algorithmsInProperty.length;
i++) {
algorithmsInProperty[i] = algorithmsInProperty[i].trim();
}
}
// map the disabled algorithms
if (algorithmsInProperty == null) {
algorithmsInProperty = new String[0];
}
algorithmsMap.put(propertyName, algorithmsInProperty);
}
static String[] getAlgorithms(Map<String, String[]> algorithmsMap,
String propertyName) {
synchronized (algorithmsMap) {
if (!algorithmsMap.containsKey(propertyName)) {
loadAlgorithmsMap(algorithmsMap, propertyName);
}
return algorithmsMap.get(propertyName);
}
}
static boolean checkAlgorithm(String[] algorithms, String algorithm,
AlgorithmDecomposer decomposer) {
if (algorithm == null || algorithm.length() == 0) {
throw new IllegalArgumentException("No algorithm name specified");
}
Set<String> elements = null;
for (String item : algorithms) {
if (item == null || item.isEmpty()) {
continue;
}
// check the full name
if (item.equalsIgnoreCase(algorithm)) {
return false;
}
// decompose the algorithm into sub-elements
if (elements == null) {
elements = decomposer.decompose(algorithm);
}
// check the items of the algorithm
for (String element : elements) {
if (item.equalsIgnoreCase(element)) {
return false;
}
}
}
return true;
}
}

131
jdk/src/java.base/share/classes/sun/security/util/AlgorithmDecomposer.java Normal file
View File

@ -0,0 +1,131 @@
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Pattern;
/**
* The class decomposes standard algorithms into sub-elements.
*/
public class AlgorithmDecomposer {
private static final Pattern transPattern = Pattern.compile("/");
private static final Pattern pattern =
Pattern.compile("with|and|in", Pattern.CASE_INSENSITIVE);
/**
* Decompose the standard algorithm name into sub-elements.
* <p>
* For example, we need to decompose "SHA1WithRSA" into "SHA1" and "RSA"
* so that we can check the "SHA1" and "RSA" algorithm constraints
* separately.
* <p>
* Please override the method if need to support more name pattern.
*/
public Set<String> decompose(String algorithm) {
if (algorithm == null || algorithm.length() == 0) {
return new HashSet<>();
}
// algorithm/mode/padding
String[] transTockens = transPattern.split(algorithm);
Set<String> elements = new HashSet<>();
for (String transTocken : transTockens) {
if (transTocken == null || transTocken.length() == 0) {
continue;
}
// PBEWith<digest>And<encryption>
// PBEWith<prf>And<encryption>
// OAEPWith<digest>And<mgf>Padding
// <digest>with<encryption>
// <digest>with<encryption>and<mgf>
// <digest>with<encryption>in<format>
String[] tokens = pattern.split(transTocken);
for (String token : tokens) {
if (token == null || token.length() == 0) {
continue;
}
elements.add(token);
}
}
// In Java standard algorithm name specification, for different
// purpose, the SHA-1 and SHA-2 algorithm names are different. For
// example, for MessageDigest, the standard name is "SHA-256", while
// for Signature, the digest algorithm component is "SHA256" for
// signature algorithm "SHA256withRSA". So we need to check both
// "SHA-256" and "SHA256" to make the right constraint checking.
// handle special name: SHA-1 and SHA1
if (elements.contains("SHA1") && !elements.contains("SHA-1")) {
elements.add("SHA-1");
}
if (elements.contains("SHA-1") && !elements.contains("SHA1")) {
elements.add("SHA1");
}
// handle special name: SHA-224 and SHA224
if (elements.contains("SHA224") && !elements.contains("SHA-224")) {
elements.add("SHA-224");
}
if (elements.contains("SHA-224") && !elements.contains("SHA224")) {
elements.add("SHA224");
}
// handle special name: SHA-256 and SHA256
if (elements.contains("SHA256") && !elements.contains("SHA-256")) {
elements.add("SHA-256");
}
if (elements.contains("SHA-256") && !elements.contains("SHA256")) {
elements.add("SHA256");
}
// handle special name: SHA-384 and SHA384
if (elements.contains("SHA384") && !elements.contains("SHA-384")) {
elements.add("SHA-384");
}
if (elements.contains("SHA-384") && !elements.contains("SHA384")) {
elements.add("SHA384");
}
// handle special name: SHA-512 and SHA512
if (elements.contains("SHA512") && !elements.contains("SHA-512")) {
elements.add("SHA-512");
}
if (elements.contains("SHA-512") && !elements.contains("SHA512")) {
elements.add("SHA512");
}
return elements;
}
}

195
jdk/src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java
View File

@ -25,15 +25,9 @@
package sun.security.util;
import java.security.AlgorithmConstraints;
import java.security.CryptoPrimitive;
import java.security.AlgorithmParameters;
import java.security.Key;
import java.security.Security;
import java.security.PrivilegedAction;
import java.security.AccessController;
import java.util.Locale;
import java.util.Set;
import java.util.Collections;
@ -49,7 +43,7 @@ import java.util.regex.Matcher;
* See the "jdk.certpath.disabledAlgorithms" specification in java.security
* for the syntax of the disabled algorithm string.
*/
public class DisabledAlgorithmConstraints implements AlgorithmConstraints {
public class DisabledAlgorithmConstraints extends AbstractAlgorithmConstraints {
// the known security property, jdk.certpath.disabledAlgorithms
public final static String PROPERTY_CERTPATH_DISABLED_ALGS =
@ -64,8 +58,8 @@ public class DisabledAlgorithmConstraints implements AlgorithmConstraints {
private final static Map<String, KeySizeConstraints> keySizeConstraintsMap =
new HashMap<>();
private String[] disabledAlgorithms;
private KeySizeConstraints keySizeConstraints;
private final String[] disabledAlgorithms;
private final KeySizeConstraints keySizeConstraints;
/**
* Initialize algorithm constraints with the specified security property.
@ -74,56 +68,27 @@ public class DisabledAlgorithmConstraints implements AlgorithmConstraints {
* algorithm constraints
*/
public DisabledAlgorithmConstraints(String propertyName) {
// Both disabledAlgorithmsMap and keySizeConstraintsMap are
// synchronized with the lock of disabledAlgorithmsMap.
synchronized (disabledAlgorithmsMap) {
if(!disabledAlgorithmsMap.containsKey(propertyName)) {
loadDisabledAlgorithmsMap(propertyName);
}
this(propertyName, new AlgorithmDecomposer());
}
disabledAlgorithms = disabledAlgorithmsMap.get(propertyName);
keySizeConstraints = keySizeConstraintsMap.get(propertyName);
}
public DisabledAlgorithmConstraints(String propertyName,
AlgorithmDecomposer decomposer) {
super(decomposer);
disabledAlgorithms = getAlgorithms(disabledAlgorithmsMap, propertyName);
keySizeConstraints = getKeySizeConstraints(disabledAlgorithms,
propertyName);
}
@Override
final public boolean permits(Set<CryptoPrimitive> primitives,
String algorithm, AlgorithmParameters parameters) {
if (algorithm == null || algorithm.length() == 0) {
throw new IllegalArgumentException("No algorithm name specified");
}
if (primitives == null || primitives.isEmpty()) {
throw new IllegalArgumentException(
"No cryptographic primitive specified");
}
Set<String> elements = null;
for (String disabled : disabledAlgorithms) {
if (disabled == null || disabled.isEmpty()) {
continue;
}
// check the full name
if (disabled.equalsIgnoreCase(algorithm)) {
return false;
}
// decompose the algorithm into sub-elements
if (elements == null) {
elements = decomposes(algorithm);
}
// check the items of the algorithm
for (String element : elements) {
if (disabled.equalsIgnoreCase(element)) {
return false;
}
}
}
return true;
return checkAlgorithm(disabledAlgorithms, algorithm, decomposer);
}
@Override
@ -142,99 +107,6 @@ public class DisabledAlgorithmConstraints implements AlgorithmConstraints {
return checkConstraints(primitives, algorithm, key, parameters);
}
/**
* Decompose the standard algorithm name into sub-elements.
* <p>
* For example, we need to decompose "SHA1WithRSA" into "SHA1" and "RSA"
* so that we can check the "SHA1" and "RSA" algorithm constraints
* separately.
* <p>
* Please override the method if need to support more name pattern.
*/
protected Set<String> decomposes(String algorithm) {
if (algorithm == null || algorithm.length() == 0) {
return new HashSet<String>();
}
// algorithm/mode/padding
Pattern transPattern = Pattern.compile("/");
String[] transTockens = transPattern.split(algorithm);
Set<String> elements = new HashSet<String>();
for (String transTocken : transTockens) {
if (transTocken == null || transTocken.length() == 0) {
continue;
}
// PBEWith<digest>And<encryption>
// PBEWith<prf>And<encryption>
// OAEPWith<digest>And<mgf>Padding
// <digest>with<encryption>
// <digest>with<encryption>and<mgf>
// <digest>with<encryption>in<format>
Pattern pattern =
Pattern.compile("with|and|in", Pattern.CASE_INSENSITIVE);
String[] tokens = pattern.split(transTocken);
for (String token : tokens) {
if (token == null || token.length() == 0) {
continue;
}
elements.add(token);
}
}
// In Java standard algorithm name specification, for different
// purpose, the SHA-1 and SHA-2 algorithm names are different. For
// example, for MessageDigest, the standard name is "SHA-256", while
// for Signature, the digest algorithm component is "SHA256" for
// signature algorithm "SHA256withRSA". So we need to check both
// "SHA-256" and "SHA256" to make the right constraint checking.
// handle special name: SHA-1 and SHA1
if (elements.contains("SHA1") && !elements.contains("SHA-1")) {
elements.add("SHA-1");
}
if (elements.contains("SHA-1") && !elements.contains("SHA1")) {
elements.add("SHA1");
}
// handle special name: SHA-224 and SHA224
if (elements.contains("SHA224") && !elements.contains("SHA-224")) {
elements.add("SHA-224");
}
if (elements.contains("SHA-224") && !elements.contains("SHA224")) {
elements.add("SHA224");
}
// handle special name: SHA-256 and SHA256
if (elements.contains("SHA256") && !elements.contains("SHA-256")) {
elements.add("SHA-256");
}
if (elements.contains("SHA-256") && !elements.contains("SHA256")) {
elements.add("SHA256");
}
// handle special name: SHA-384 and SHA384
if (elements.contains("SHA384") && !elements.contains("SHA-384")) {
elements.add("SHA-384");
}
if (elements.contains("SHA-384") && !elements.contains("SHA384")) {
elements.add("SHA384");
}
// handle special name: SHA-512 and SHA512
if (elements.contains("SHA512") && !elements.contains("SHA-512")) {
elements.add("SHA-512");
}
if (elements.contains("SHA-512") && !elements.contains("SHA512")) {
elements.add("SHA512");
}
return elements;
}
// Check algorithm constraints
private boolean checkConstraints(Set<CryptoPrimitive> primitives,
String algorithm, Key key, AlgorithmParameters parameters) {
@ -264,43 +136,18 @@ public class DisabledAlgorithmConstraints implements AlgorithmConstraints {
return true;
}
// Get disabled algorithm constraints from the specified security property.
private static void loadDisabledAlgorithmsMap(
final String propertyName) {
String property = AccessController.doPrivileged(
new PrivilegedAction<String>() {
public String run() {
return Security.getProperty(propertyName);
}
});
String[] algorithmsInProperty = null;
if (property != null && !property.isEmpty()) {
// remove double quote marks from beginning/end of the property
if (property.charAt(0) == '"' &&
property.charAt(property.length() - 1) == '"') {
property = property.substring(1, property.length() - 1);
private static KeySizeConstraints getKeySizeConstraints(
String[] disabledAlgorithms, String propertyName) {
synchronized (keySizeConstraintsMap) {
if(!keySizeConstraintsMap.containsKey(propertyName)) {
// map the key constraints
KeySizeConstraints keySizeConstraints =
new KeySizeConstraints(disabledAlgorithms);
keySizeConstraintsMap.put(propertyName, keySizeConstraints);
}
algorithmsInProperty = property.split(",");
for (int i = 0; i < algorithmsInProperty.length; i++) {
algorithmsInProperty[i] = algorithmsInProperty[i].trim();
}
return keySizeConstraintsMap.get(propertyName);
}
// map the disabled algorithms
if (algorithmsInProperty == null) {
algorithmsInProperty = new String[0];
}
disabledAlgorithmsMap.put(propertyName, algorithmsInProperty);
// map the key constraints
KeySizeConstraints keySizeConstraints =
new KeySizeConstraints(algorithmsInProperty);
keySizeConstraintsMap.put(propertyName, keySizeConstraints);
}
/**

73
jdk/src/java.base/share/classes/sun/security/util/LegacyAlgorithmConstraints.java Normal file
View File

@ -0,0 +1,73 @@
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.security.AlgorithmParameters;
import java.security.CryptoPrimitive;
import java.security.Key;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import static sun.security.util.AbstractAlgorithmConstraints.getAlgorithms;
/**
* Algorithm constraints for legacy algorithms.
*/
public class LegacyAlgorithmConstraints extends AbstractAlgorithmConstraints {
// the known security property, jdk.tls.legacyAlgorithms
public final static String PROPERTY_TLS_LEGACY_ALGS =
"jdk.tls.legacyAlgorithms";
private final static Map<String, String[]> legacyAlgorithmsMap =
new HashMap<>();
private final String[] legacyAlgorithms;
public LegacyAlgorithmConstraints(String propertyName,
AlgorithmDecomposer decomposer) {
super(decomposer);
legacyAlgorithms = getAlgorithms(legacyAlgorithmsMap, propertyName);
}
@Override
final public boolean permits(Set<CryptoPrimitive> primitives,
String algorithm, AlgorithmParameters parameters) {
return checkAlgorithm(legacyAlgorithms, algorithm, decomposer);
}
@Override
final public boolean permits(Set<CryptoPrimitive> primitives, Key key) {
return true;
}
@Override
final public boolean permits(Set<CryptoPrimitive> primitives,
String algorithm, Key key, AlgorithmParameters parameters) {
return checkAlgorithm(legacyAlgorithms, algorithm, decomposer);
}
}

57
jdk/src/java.base/share/conf/security/java.security
View File

@ -542,3 +542,60 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
# Example:
# jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
jdk.tls.disabledAlgorithms=SSLv3, RC4
# Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
# processing in JSSE implementation.
#
# In some environments, a certain algorithm may be undesirable but it
# cannot be disabled because of its use in legacy applications. Legacy
# algorithms may still be supported, but applications should not use them
# as the security strength of legacy algorithms are usually not strong enough
# in practice.
#
# During SSL/TLS security parameters negotiation, legacy algorithms will
# not be negotiated unless there are no other candidates.
#
# The syntax of the disabled algorithm string is described as this Java
# BNF-style:
# LegacyAlgorithms:
# " LegacyAlgorithm { , LegacyAlgorithm } "
#
# LegacyAlgorithm:
# AlgorithmName (standard JSSE algorithm name)
#
# See the specification of security property "jdk.certpath.disabledAlgorithms"
# for the syntax and description of the "AlgorithmName" notation.
#
# Per SSL/TLS specifications, cipher suites have the form:
# SSL_KeyExchangeAlg_WITH_CipherAlg_MacAlg
# or
# TLS_KeyExchangeAlg_WITH_CipherAlg_MacAlg
#
# For example, the cipher suite TLS_RSA_WITH_AES_128_CBC_SHA uses RSA as the
# key exchange algorithm, AES_128_CBC (128 bits AES cipher algorithm in CBC
# mode) as the cipher (encryption) algorithm, and SHA-1 as the message digest
# algorithm for HMAC.
#
# The LegacyAlgorithm can be one of the following standard algorithm names:
# 1. JSSE cipher suite name, e.g., TLS_RSA_WITH_AES_128_CBC_SHA
# 2. JSSE key exchange algorithm name, e.g., RSA
# 3. JSSE cipher (encryption) algorithm name, e.g., AES_128_CBC
# 4. JSSE message digest algorithm name, e.g., SHA-1
#
# See SSL/TLS specifications and "Java Cryptography Architecture Standard
# Algorithm Name Documentation" for information about the algorithm names.
#
# Note: This property is currently used by Oracle's JSSE implementation.
# It is not guaranteed to be examined and used by other implementations.
# There is no guarantee the property will continue to exist or be of the
# same syntax in future releases.
#
# Example:
# jdk.tls.legacyAlgorithms=DH_anon, DES_CBC, SSL_RSA_WITH_RC4_128_MD5
#
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC

2
jdk/test/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java
View File

@ -31,7 +31,7 @@
* @bug 7188657
* @summary There should be a way to reorder the JSSE ciphers
* @run main/othervm UseCipherSuitesOrder
* TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA
* TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA
*/
import java.io.*;