Skip to content
Permalink
Browse files
8163327: Remove 3DES from the default enabled cipher suites list
Reviewed-by: xuelei
  • Loading branch information
seanjmullan committed Mar 23, 2022
1 parent f017739 commit 138460c004a9a21a84f892896cf2f172fab2ac99
Show file tree
Hide file tree
Showing 4 changed files with 103 additions and 55 deletions.
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2002, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -54,9 +54,9 @@ enum CipherSuite {
// changed later, see below).
// 2. Prefer forward secrecy cipher suites.
// 3. Prefer the stronger bulk cipher, in the order of AES_256(GCM),
// AES_128(GCM), AES_256, AES_128, 3DES-EDE.
// AES_128(GCM), AES_256, AES_128.
// 4. Prefer the stronger MAC algorithm, in the order of SHA384,
// SHA256, SHA, MD5.
// SHA256, SHA.
// 5. Prefer the better performance of key exchange and digital
// signature algorithm, in the order of ECDHE-ECDSA, ECDHE-RSA,
// DHE-RSA, DHE-DSS, ECDH-ECDSA, ECDH-RSA, RSA.
@@ -327,41 +327,6 @@ enum CipherSuite {
ProtocolVersion.PROTOCOLS_TO_12,
K_RSA, B_AES_128, M_SHA, H_SHA256),

// 3DES_EDE, forward secrecy.
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA(
0xC008, true, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDHE_ECDSA, B_3DES, M_SHA, H_SHA256),
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA(
0xC012, true, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDHE_RSA, B_3DES, M_SHA, H_SHA256),
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA(
0x0016, true, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
ProtocolVersion.PROTOCOLS_TO_12,
K_DHE_RSA, B_3DES, M_SHA, H_SHA256),
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA(
0x0013, true, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
"TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
ProtocolVersion.PROTOCOLS_TO_12,
K_DHE_DSS, B_3DES, M_SHA, H_SHA256),

// 3DES_EDE, not forward secrecy.
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(
0xC003, true, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDH_ECDSA, B_3DES, M_SHA, H_SHA256),
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(
0xC00D, true, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDH_RSA, B_3DES, M_SHA, H_SHA256),
SSL_RSA_WITH_3DES_EDE_CBC_SHA(
0x000A, true, "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
ProtocolVersion.PROTOCOLS_TO_12,
K_RSA, B_3DES, M_SHA, H_SHA256),

// Renegotiation protection request Signalling Cipher Suite Value (SCSV).
TLS_EMPTY_RENEGOTIATION_INFO_SCSV( // RFC 5746, TLS 1.2 and prior
0x00FF, true, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV", "",
@@ -413,6 +378,41 @@ enum CipherSuite {
0x0034, false, "TLS_DH_anon_WITH_AES_128_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_DH_ANON, B_AES_128, M_SHA, H_SHA256),

// 3DES_EDE, forward secrecy.
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA(
0xC008, false, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDHE_ECDSA, B_3DES, M_SHA, H_SHA256),
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA(
0xC012, false, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDHE_RSA, B_3DES, M_SHA, H_SHA256),
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA(
0x0016, false, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
ProtocolVersion.PROTOCOLS_TO_12,
K_DHE_RSA, B_3DES, M_SHA, H_SHA256),
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA(
0x0013, false, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
"TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
ProtocolVersion.PROTOCOLS_TO_12,
K_DHE_DSS, B_3DES, M_SHA, H_SHA256),

// 3DES_EDE, not forward secrecy.
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(
0xC003, false, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDH_ECDSA, B_3DES, M_SHA, H_SHA256),
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(
0xC00D, false, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
K_ECDH_RSA, B_3DES, M_SHA, H_SHA256),
SSL_RSA_WITH_3DES_EDE_CBC_SHA(
0x000A, false, "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
ProtocolVersion.PROTOCOLS_TO_12,
K_RSA, B_3DES, M_SHA, H_SHA256),
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA(
0xC017, false, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", "",
ProtocolVersion.PROTOCOLS_TO_12,
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -51,6 +51,9 @@

import javax.net.ssl.SSLEngine;
import java.security.Security;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/**
* Test common DTLS cipher suites.
@@ -59,10 +62,12 @@ public class CipherSuite extends DTLSOverDatagram {

// use the specific cipher suite
volatile static String cipherSuite;
private static boolean reenable;

public static void main(String[] args) throws Exception {
if (args.length > 1 && "re-enable".equals(args[1])) {
Security.setProperty("jdk.tls.disabledAlgorithms", "");
reenable = true;
}

cipherSuite = args[0];
@@ -77,6 +82,11 @@ SSLEngine createSSLEngine(boolean isClient) throws Exception {

if (isClient) {
engine.setEnabledCipherSuites(new String[]{cipherSuite});
} else if (reenable) {
List<String> cipherSuites =
new ArrayList(Arrays.asList(engine.getEnabledCipherSuites()));
cipherSuites.add(cipherSuite);
engine.setEnabledCipherSuites(cipherSuites.toArray(new String[0]));
}

return engine;
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@

/*
* @test
* @bug 8076221 8211883
* @bug 8076221 8211883 8163327
* @summary Check if weak cipher suites are disabled
* @modules jdk.crypto.ec
* @run main/othervm DisabledAlgorithms default
@@ -60,9 +60,10 @@ public class DisabledAlgorithms {
System.getProperty("test.src", "./") + "/" + pathToStores +
"/" + trustStoreFile;

// supported RC4, NULL, and anon cipher suites
// supported 3DES, DES, RC4, NULL, and anon cipher suites
// it does not contain KRB5 cipher suites because they need a KDC
private static final String[] rc4_null_anon_ciphersuites = new String[] {
private static final String[] desede_des_rc4_null_anon_ciphersuites
= new String[] {
"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
"TLS_ECDHE_RSA_WITH_RC4_128_SHA",
"SSL_RSA_WITH_RC4_128_SHA",
@@ -90,11 +91,25 @@ public class DisabledAlgorithms {
"TLS_DH_anon_WITH_AES_256_CBC_SHA",
"TLS_DH_anon_WITH_AES_256_CBC_SHA256",
"TLS_DH_anon_WITH_AES_256_GCM_SHA384",
"SSL_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_RSA_WITH_DES_CBC_SHA",
"SSL_DHE_DSS_WITH_DES_CBC_SHA",
"SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
"SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA",
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
"TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
"TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
"TLS_ECDH_anon_WITH_NULL_SHA",
"TLS_ECDH_anon_WITH_RC4_128_SHA"
"TLS_ECDH_anon_WITH_RC4_128_SHA",
"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_RSA_WITH_3DES_EDE_CBC_SHA"
};

public static void main(String[] args) throws Exception {
@@ -113,19 +128,25 @@ public static void main(String[] args) throws Exception {
System.out.println("jdk.tls.disabledAlgorithms = "
+ Security.getProperty("jdk.tls.disabledAlgorithms"));

// check if RC4, NULL, and anon cipher suites
// check if 3DES, DES, RC4, NULL, and anon cipher suites
// can't be used by default
checkFailure(rc4_null_anon_ciphersuites);
checkFailure(desede_des_rc4_null_anon_ciphersuites);
break;
case "empty":
// reset jdk.tls.disabledAlgorithms
Security.setProperty("jdk.tls.disabledAlgorithms", "");
System.out.println("jdk.tls.disabledAlgorithms = "
+ Security.getProperty("jdk.tls.disabledAlgorithms"));

// check if RC4, NULL, and anon cipher suites can be used
// if jdk.tls.disabledAlgorithms is empty
checkSuccess(rc4_null_anon_ciphersuites);
// reset jdk.certpath.disabledAlgorithms. This is necessary
// to allow the RSA_EXPORT suites to pass which use an RSA 512
// bit key which violates the default certpath constraints.
Security.setProperty("jdk.certpath.disabledAlgorithms", "");
System.out.println("jdk.certpath.disabledAlgorithms = "
+ Security.getProperty("jdk.certpath.disabledAlgorithms"));

// check if 3DES, DES, RC4, NULL, and anon cipher suites
// can be used if jdk.{tls,certpath}.disabledAlgorithms is empty
checkSuccess(desede_des_rc4_null_anon_ciphersuites);
break;
default:
throw new RuntimeException("Wrong parameter: " + args[0]);
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2018, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,9 +23,9 @@

/*
* @test
* @bug 8208350
* @summary Disable all DES cipher suites
* @run main/othervm NoDesRC4CiphSuite
* @bug 8208350 8163327
* @summary Disable all DES, RC4, and 3DES/DesEde cipher suites
* @run main/othervm NoDesRC4DesEdeCiphSuite
*/

/*
@@ -43,7 +43,7 @@
import java.util.ArrayList;
import java.util.Arrays;

public class NoDesRC4CiphSuite {
public class NoDesRC4DesEdeCiphSuite {

private static final boolean DEBUG = false;

@@ -80,6 +80,18 @@ public class NoDesRC4CiphSuite {
"SSL_RSA_EXPORT_WITH_RC4_40_MD5",
"SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"
};
private static final List<Integer> DESEDE_CS_LIST = Arrays.asList(
0xC008, 0xC012, 0x0016, 0x0013, 0xC003, 0xC00D, 0x000A
);
private static final String[] DESEDE_CS_LIST_NAMES = new String[] {
"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
"SSL_RSA_WITH_3DES_EDE_CBC_SHA"
};

private static final ByteBuffer CLIOUTBUF =
ByteBuffer.wrap("Client Side".getBytes());
@@ -99,6 +111,11 @@ public static void main(String[] args) throws Exception {
allGood &= testEngAddDisabled(RC4_CS_LIST_NAMES, RC4_CS_LIST);
allGood &= testEngOnlyDisabled(RC4_CS_LIST_NAMES);

// Disabled 3DES tests
allGood &= testDefaultCase(DESEDE_CS_LIST);
allGood &= testEngAddDisabled(DESEDE_CS_LIST_NAMES, DESEDE_CS_LIST);
allGood &= testEngOnlyDisabled(DESEDE_CS_LIST_NAMES);

if (allGood) {
System.err.println("All tests passed");
} else {

1 comment on commit 138460c

@openjdk-notifier
Copy link

@openjdk-notifier openjdk-notifier bot commented on 138460c Mar 23, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.