8286907: keytool should warn about weak PBE algorithms

Reviewed-by: mullan, weijun
2023-02-02 21:17:08 +00:00 · 2023-02-02 21:17:08 +00:00 · b00b70c240
commit b00b70c240
parent ee0f5b5ed0
2 changed files with 37 additions and 3 deletions
--- a/src/java.base/share/classes/sun/security/tools/keytool/Main.java
+++ b/src/java.base/share/classes/sun/security/tools/keytool/Main.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2023, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -1837,6 +1837,11 @@ public final class Main {
                useDefaultPBEAlgorithm = false;
            }

+            SecretKeyConstraintsParameters skcp =
+                    new SecretKeyConstraintsParameters(secKey);
+            checkWeakConstraint(rb.getString("the.generated.secretkey"),
+                    keyAlgName, skcp);
+
            if (verbose) {
                MessageFormat form = new MessageFormat(rb.getString(
                    "Generated.keyAlgName.secret.key"));
@ -5068,6 +5073,16 @@ public final class Main {
        }
    }

+    private void checkWeakConstraint(String label, String keyAlg,
+            SecretKeyConstraintsParameters skcp) {
+        try {
+            LEGACY_CHECK.permits(keyAlg, skcp, false);
+        } catch (CertPathValidatorException e) {
+            weakWarnings.add(String.format(
+                    rb.getString("key.algorithm.weak"), label, keyAlg));
+        }
+    }
+
    private void checkWeak(String label, CRL crl, Key key) {
        if (crl instanceof X509CRLImpl impl) {
            checkWeak(label, impl.getSigAlgName(), key);
--- a/test/jdk/sun/security/tools/keytool/WeakSecretKeyTest.java
+++ b/test/jdk/sun/security/tools/keytool/WeakSecretKeyTest.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -23,7 +23,7 @@

 /*
 * @test
- * @bug 8255552 8286090
+ * @bug 8255552 8286090 8286907
 * @summary Test keytool commands associated with secret key entries which use weak algorithms
 * @library /test/lib
 */
@ -108,5 +108,24 @@ public class WeakSecretKeyTest {
                .shouldContain("Warning")
                .shouldMatch("The generated secret key uses a 128-bit AES key.*considered a security risk")
                .shouldHaveExitValue(0);
+
+        SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
+                "-genseckey -keyalg PBEWithMD5AndDES -alias pbekey1")
+                .shouldContain("Warning")
+                .shouldMatch("The generated secret key uses the PBEWithMD5AndDES algorithm.*considered a security risk")
+                .shouldHaveExitValue(0);
+
+        SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
+                "-genseckey -keyalg PBEWithSHA1AndDESede -alias pbekey2")
+                .shouldContain("Warning")
+                .shouldMatch("The generated secret key uses the PBEWithSHA1AndDESede algorithm.*considered a security risk")
+                .shouldHaveExitValue(0);
+
+        SecurityTools.setResponse("changeit", "changeit");
+        SecurityTools.keytool("-keystore ks.p12 -storepass changeit " +
+                "-importpass -keyalg PBEWithMD5AndDES -alias newentry")
+                .shouldContain("Warning")
+                .shouldMatch("The generated secret key uses the PBEWithMD5AndDES algorithm.*considered a security risk")
+                .shouldHaveExitValue(0);
    }
 }