Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8282633

jarsigner output does not explain why an EC key is disabled if its curve has been disabled

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P4 P4
    • 19
    • None
    • security-libs
    • None

      Try disabling a curve by including its name inside the `jdk.disabled.namedCurves` security property and add `include jdk.disabled.namedCurves` in the `jdk.jar.disabledAlgorithms` security oroperty. The curve should be disabled.

      If you sign a JAR file using such a key or verify a signed JAR signed with it, jarsigner will successfully point out the key is weak and the "signed" JAR is treated as unsigned. However, the warning messages do not explain why it's weak.

      For the signing side, it shows

          The EC signing key has a keysize of 256 which is considered a security risk and is disabled.

      For the verification side (with -verbose) it shows

          - Signed by "CN=a"
              Digest algorithm: SHA-256
              Signature algorithm: SHA256withECDSA, 256-bit key (disabled)

          WARNING: The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled by the security property:

            jdk.jar.disabledAlgorithms=include jdk.disabled.namedCurves, MD2, MD5, RSA keySize < 1024, DSA keySize < 1024, SHA1 denyAfter 2019-01-01

      Here only the key algorithm and key size are displayed, but the reason why it's disabled -- the curve name -- is not there.

      On the other hand, if we disable the curve in `jdk.certpath.disabledAlgorithms`, keytool is able to show

          Subject Public Key Algorithm: 256-bit EC (secp256r1) key (weak)

      Here it shows both the keysize and curve name.

      BTW, adding `EC keysize < 300` can reach the same result, but in that case it's easier to understand why. Fortunately, we currently don't support multiple curves with the same keysize.

            hchao Haimay Chao
            weijun Weijun Wang
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: