Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8364386

Restrict algorithms at JCE layer

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Unresolved
    • Icon: P3 P3
    • 26
    • security-libs
    • None
    • behavioral
    • minimal
    • This property is not set by default, thus no impact to existing applications.
    • System or security property
    • JDK

      Summary

      Introduce a new security property "jdk.crypto.disabledAlgorithms" for disabling algorithms for JCE/JCA cryptographic services. For now, this property only supports Cipher, KeyStore, MessageDigest, and Signature services. This security property can be overridden by a system property of the same name if applications need to re-enable algorithms.

      Problem

      As time goes by and algorithms become legacy, there are no mechanisms to stop or detect their use. With this new security property, once set, requests made to the supported service classes, i.e. Cipher, KeyStore, MessageDigest, and Signature, matching the disabled algorithm will be rejected with exception.

      Solution

      Add a security property "jdk.crypto.disabledAlgorithms" (overridable by a system property of the same name) whose value has the following syntax: "DisabledService {, DisabledService}"

      Each "DisabledService" component has the format of "Service.AlgorithmName" where "Service" is one of Cipher, KeyStore, MessageDigest, or Signature (more services may be added later) and "AlgorithmName" is the standard algorithm name of the disabled service. See the Java Security Standard Algorithm Names Specification for information about Standard Algorithm Names. Matching is performed using a case-insensitive exact matching rule. For the Cipher service, its algorithm is the transformation string. If the property value contains entries with invalid syntax or unsupported services at the time of checking, an ExceptionInInitializerError with a cause of IllegalArgumentException will be thrown.

      Note: This property is currently used by the JDK Reference implementation. It is not guaranteed to be examined and used by other implementations.

      Specification

      1) document the security property "jdk.crypto.disabledAlgorithms" in the java.security file. (Please find details in the attached file "javadocDiff.8244336")

      2) add implementation notes to the various getInstance(...) methods of the javax.crypto.Cipher, java.security.KeyStore, java.security.MessageDigest, and java.security.Signature classes regarding the security property. (Please find details in the attached file "javadocDiff.8244336")

        1. javadocDiff.8244336.txt
          16 kB

            valeriep Valerie Peng
            mullan Sean Mullan
            Anthony Scarpino, Sean Mullan
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated: