Summary

As some crypto algorithms become legacy (e.g. not strong enough for modern computers and thus being phased out), some PKCS11 library implementations may start limiting the usage for these algorithms. For example, for Cipher, only decryption is allowed but not encryption. This way, earlier encrypted data can be recovered but data won't be encrypted with legacy algorithm. Under https://bugs.openjdk.org/browse/JDK-8176837 , SunPKCS11 provider is updated to check and disable the legacy mechanisms. Further adjustment will be made to fine-tune the check and also provide a configuration attribute "allowLegacy" to disable the check if desired.

Note, this backport CSR is same as original CSR (JDK-8329300).

Problem

Under the existing check for identifying legacy algorithms, an algorithm would be disabled if it supports decryption but not encryption, or if it supports verification but not signing. For example, an algorithm would be disabled if it supports decryption, signing, and verification but not encryption. The check should be fine-tuned to only disable the algorithm for Cipher crypto service but not Signature crypto service since both signing and verification are supported. In addition, once an algorithm is identified as legacy and disabled, there is no setting to enable them for the supported usage.

Solution

Provide a "allowLegacy" configuration attribute in SunPKCS11 provider configuration file to allow applications to bypass the legacy check if needed. In addition, existing check will be updated to disable algorithms based on the registered crypto service. Using the earlier example of the algorithm supporting decryption, signing, and verification but not encryption, it will be disabled for Cipher crypto service but remain enabled for Signature crypto service.

Specification

Update the "SunPKCS11 Configuration" paragraph under the "PKCS#11 Reference Guide" section of "Security Developer's Guide" document with the new "allowLegacy" configuration attribute.