-
CSR
-
Resolution: Approved
-
P3
-
None
-
behavioral
-
medium
-
-
Java API, System or security property
-
JDK
Summary
Enable the XML Signature secure validation mode by default. This will improve out of the box security by restricting signatures that contain potentially unsafe content.
Problem
The XML Signature secure validation mode is enabled by setting the property org.jcp.xml.dsig.secureValidation to Boolean.TRUE with the javax.xml.crypto.XMLCryptoContext.setProperty() method, or by running the code with a security manager.
Use of a security manager is increasingly rare. This option should be enabled by default regardless of whether a security manager is enabled so that all applications can be protected by default.
Solution
Change javax.xml.crypto.dsig.dom.DOMValidateContext to set the property org.jcp.xml.dsig.secureValidation to Boolean.TRUE by default.
Specification
Add the following to the class summary of javax.xml.crypto.dsig.dom.DOMValidateContext
:
* @implNote
* By default, the JDK implementation enables a secure validation mode by
* setting the <code>org.jcp.xml.dsig.secureValidation</code> property to
* <code>Boolean.TRUE</code> (see the {@link #setProperty setProperty}
* method). When enabled, validation of XML signatures are subject to
* stricter checking of algorithms and other constraints as specified by the
* <code>jdk.xml.dsig.secureValidationPolicy</code> security property.
Change the text for the jdk.xml.dsig.secureValidationPolicy
in the java.security
file as follows:
#
- # The policy for the XML Signature secure validation mode. The mode is
- # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
- # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
- # or by running the code with a SecurityManager.
+ # The policy for the XML Signature secure validation mode. Validation of
+ # XML Signatures that violate any of these constraints will fail. The
+ # mode is enforced by default. The mode can be disabled by setting the
+ # property "org.jcp.xml.dsig.secureValidation" to Boolean.FALSE with the
+ # javax.xml.crypto.XMLCryptoContext.setProperty() method.
#
- csr of
-
JDK-8321829 Enable XML Signature secure validation mode by default
- Resolved