Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8226374

Restrict TLS signature schemes and named groups

    XMLWordPrintable

Details

    • b10
    • x86_64
    • windows_7

    Backports

      Description

        A DESCRIPTION OF THE PROBLEM :
        We are trying to disable RSASSA-PSS, because it is not supported in the JCE PKCS11 wrapper, and causes errors when setting up TLS1.2 errors.
        It is possible to do this using jdk.tls.disabledAlgorithms with RSASSA-PSS, if this is done on both sides (client & server).
        But if this is done only on the client side, which means the server still gives RSASSA-PSS as one of the options in it's CertificateRequest message, the client will still choose RSASSA-PSS and fail.

        I think the core of the problem lies within the CertificateVerify.T12CertificateVerifyMessage constructor, which selects the signature algorithm as follows:
                    this.signatureScheme = SignatureScheme.getPreferableAlgorithm(
                            chc.peerRequestedSignatureSchemes,
                            x509Possession.popPrivateKey,
                            chc.negotiatedProtocol);

        chc.peerRequestedSignatureSchemes holds -all- algorithms sent by the server in it's CertificateRequest message. Disabled algorithms are not filtered out.
        The getPreferableAlgorithm method also does not consider disabled algorithms.


        STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
        Set up TLS 1.2 client with jdk.tls.disabledAlgorithms with RSASSA-PSS
        Set up TLS 1.2 server which does not have RSASSA-PSS disabled
        Connect the client to the server.



        FREQUENCY : always


        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8256334 Restrict TLS signature schemes and named groups

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8256561 Restrict TLS signature schemes and named groups

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8264553 Restrict TLS signature schemes and named groups

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8264974 Restrict TLS signature schemes and named groups

            • P3 - Major loss of function.
            • Resolved
            csr for

            CSR - null JDK-8227445 Restrict TLS signature schemes and named groups

            • P3 - Major loss of function.
            • Closed
            is blocked by

            Bug - A problem which impairs or prevents the functions of the product. JDK-8226900 No AlgorithmParameters implementation for XDH/XEC

            • P3 - Major loss of function.
            • Resolved

            Enhancement - null JDK-8080704 Support the retrieval of standard names for EC parameters

            • P3 - Major loss of function.
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8272351 Mutual TLS has stopped working - client certificates using RSA SHA256 not found

            • P3 - Major loss of function.
            • In Progress

            Bug - A problem which impairs or prevents the functions of the product. JDK-8257606 SSLHandshakeException: Cannot produce CertificateVerify signature

            • P3 - Major loss of function.
            • Resolved

            Bug - A problem which impairs or prevents the functions of the product. JDK-8260300 Restrict TLS signature schemes in 8u

            • P3 - Major loss of function.
            • Resolved

            Enhancement - null JDK-8233228 Disable weak named curves by default in TLS, CertPath, and Signed JAR

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Enhancement - null JDK-8210755 Define standard names for EC curves and TLS signature schemes

            • P3 - Major loss of function.
            • Resolved
            links to

            Commit Commit openjdk/jdk13u-dev/384445d2

            Review Review openjdk/jdk13u-dev/20

            Activity

              People

                xuelei Xuelei Fan
                webbuggrp Webbug Group
                Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: