8259801: Enable XML Signature secure validation mode by default
Reviewed-by: weijun, rhalade
Sean Mullan committed Jan 28, 2021
1 parent 20e7df5 commit baf46bac41f11c01691c4d4c77b24f76fedb5926
@@ -925,10 +925,11 @@ jdk.tls.keyLimits=AES/GCM/NoPadding KeyUpdate 2^37
crypto.policy=crypto.policydir-tbd

#
# The policy for the XML Signature secure validation mode. The mode is
# enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
# true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
# or by running the code with a SecurityManager.
# The policy for the XML Signature secure validation mode. Validation of
# XML Signatures that violate any of these constraints will fail. The
# mode is enforced by default. The mode can be disabled by setting the
# property "org.jcp.xml.dsig.secureValidation" to Boolean.FALSE with the
# javax.xml.crypto.XMLCryptoContext.setProperty() method.
#
# Policy:
# Constraint {"," Constraint }
@@ -955,8 +956,8 @@ crypto.policy=crypto.policydir-tbd
# MaxReferencesConstraint or KeySizeConstraint (for the same key type) is
# specified more than once, only the last entry is enforced.
#
# Note: This property is currently used by the JDK Reference implementation. It
# is not guaranteed to be examined and used by other implementations.
# Note: This property is currently used by the JDK Reference implementation.
# It is not guaranteed to be examined and used by other implementations.
#
jdk.xml.dsig.secureValidationPolicy=\
disallowAlg http://www.w3.org/TR/1999/REC-xslt-19991116,\
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -51,6 +51,14 @@
* (for example, you should not use the same <code>DOMValidateContext</code>
* instance to validate two different {@link XMLSignature} objects).
*
* @implNote
* By default, the JDK implementation enables a secure validation mode by
* setting the <code>org.jcp.xml.dsig.secureValidation</code> property to
* <code>Boolean.TRUE</code> (see the {@link #setProperty setProperty}
* method). When enabled, validation of XML signatures are subject to
* stricter checking of algorithms and other constraints as specified by the
* <code>jdk.xml.dsig.secureValidationPolicy</code> security property.
*
* @author Sean Mullan
* @author JSR 105 Expert Group
* @since 1.6
@@ -103,10 +111,7 @@ private void init(Node node, KeySelector ks) {

this.node = node;
super.setKeySelector(ks);
if (System.getSecurityManager() != null) {
super.setProperty("org.jcp.xml.dsig.secureValidation",
Boolean.TRUE);
}
super.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);
}

/**
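Review bot: The new `@implNote` on DOMValidateContext explains that secure validation is on by default but not how a caller turns it off or what that costs, although `init` now sets the property unconditionally and the java.security comment in this commit does describe the opt-out. I would add a sentence such as `The mode can be disabled by setting the property to Boolean.FALSE; doing so removes these checks and should be reserved for signatures from trusted sources.` The note also has an agreement error: `validation of XML signatures are subject to` should read `validation of XML signatures is subject to`. The body of `init` begins outside the hunk.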
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -603,21 +603,21 @@ static void test_create_signature_enveloped_dsa(int size) throws Exception {
static void test_create_signature_enveloping_b64_dsa() throws Exception {
System.out.println("* Generating signature-enveloping-b64-dsa.xml");
test_create_signature_enveloping
(sha1, dsaSha1, dsa1024, signingKey, kvks, true);
(sha1, dsaSha1, dsa1024, signingKey, kvks, true, true);
System.out.println();
}

static void test_create_signature_enveloping_dsa() throws Exception {
System.out.println("* Generating signature-enveloping-dsa.xml");
test_create_signature_enveloping
(sha1, dsaSha1, dsa1024, signingKey, kvks, false);
(sha1, dsaSha1, dsa1024, signingKey, kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_sha256_dsa() throws Exception {
System.out.println("* Generating signature-enveloping-sha256-dsa.xml");
test_create_signature_enveloping
(sha256, dsaSha1, dsa1024, signingKey, kvks, false);
(sha256, dsaSha1, dsa1024, signingKey, kvks, false, true);
System.out.println();
}

@@ -626,7 +626,7 @@ static void test_create_signature_enveloping_hmac_sha1_40()
System.out.println("* Generating signature-enveloping-hmac-sha1-40.xml");
try {
test_create_signature_enveloping(sha1, hmacSha1, null,
getSecretKey("secret".getBytes("ASCII")), sks, false);
getSecretKey("secret".getBytes("ASCII")), sks, false, true);
} catch (Exception e) {
if (!(e instanceof XMLSignatureException)) {
throw e;
@@ -639,199 +639,199 @@ static void test_create_signature_enveloping_hmac_sha256()
throws Exception {
System.out.println("* Generating signature-enveloping-hmac-sha256.xml");
test_create_signature_enveloping(sha1, hmacSha256, null,
getSecretKey("secret".getBytes("ASCII")), sks, false);
getSecretKey("secret".getBytes("ASCII")), sks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_hmac_sha224()
throws Exception {
System.out.println("* Generating signature-enveloping-hmac-sha224.xml");
test_create_signature_enveloping(sha1, hmacSha224, null,
getSecretKey("secret".getBytes("ASCII")), sks, false);
getSecretKey("secret".getBytes("ASCII")), sks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_hmac_sha384()
throws Exception {
System.out.println("* Generating signature-enveloping-hmac-sha384.xml");
test_create_signature_enveloping(sha1, hmacSha384, null,
getSecretKey("secret".getBytes("ASCII")), sks, false);
getSecretKey("secret".getBytes("ASCII")), sks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_hmac_sha512()
throws Exception {
System.out.println("* Generating signature-enveloping-hmac-sha512.xml");
test_create_signature_enveloping(sha1, hmacSha512, null,
getSecretKey("secret".getBytes("ASCII")), sks, false);
getSecretKey("secret".getBytes("ASCII")), sks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_rsa() throws Exception {
System.out.println("* Generating signature-enveloping-rsa.xml");
test_create_signature_enveloping(sha1, rsaSha1, rsa,
getPrivateKey("RSA", 512), kvks, false);
getPrivateKey("RSA", 512), kvks, false, false);
System.out.println();
}

static void test_create_signature_enveloping_sha384_rsa_sha256()
throws Exception {
System.out.println("* Generating signature-enveloping-sha384-rsa_sha256.xml");
test_create_signature_enveloping(sha384, rsaSha256, rsa,
getPrivateKey("RSA", 512), kvks, false);
getPrivateKey("RSA", 512), kvks, false, false);
System.out.println();
}

static void test_create_signature_enveloping_sha224_rsa_sha256()
throws Exception {
System.out.println("* Generating signature-enveloping-sha224-rsa_sha256.xml");
test_create_signature_enveloping(sha224, rsaSha256, rsa,
getPrivateKey("RSA", 512), kvks, false);
getPrivateKey("RSA", 512), kvks, false, false);
System.out.println();
}

static void test_create_signature_enveloping_sha3_224_rsa_sha256()
throws Exception {
System.out.println("* Generating signature-enveloping-sha3_224-rsa_sha256.xml");
test_create_signature_enveloping(sha3_224, rsaSha256, rsa,
getPrivateKey("RSA", 512), kvks, false);
getPrivateKey("RSA", 512), kvks, false, false);
System.out.println();
}

static void test_create_signature_enveloping_sha3_256_rsa_sha256()
throws Exception {
System.out.println("* Generating signature-enveloping-sha3_256-rsa_sha256.xml");
test_create_signature_enveloping(sha3_256, rsaSha256, rsa,
getPrivateKey("RSA", 512), kvks, false);
getPrivateKey("RSA", 512), kvks, false, false);
System.out.println();
}

static void test_create_signature_enveloping_sha3_384_rsa_sha256()
throws Exception {
System.out.println("* Generating signature-enveloping-sha3_384-rsa_sha256.xml");
test_create_signature_enveloping(sha3_384, rsaSha256, rsa,
getPrivateKey("RSA", 512), kvks, false);
getPrivateKey("RSA", 512), kvks, false, false);
System.out.println();
}

static void test_create_signature_enveloping_sha3_512_rsa_sha256()
throws Exception {
System.out.println("* Generating signature-enveloping-sha3_512-rsa_sha256.xml");
test_create_signature_enveloping(sha3_512, rsaSha256, rsa,
getPrivateKey("RSA", 512), kvks, false);
getPrivateKey("RSA", 512), kvks, false, false);
System.out.println();
}

static void test_create_signature_enveloping_sha512_rsa_sha384()
throws Exception {
System.out.println("* Generating signature-enveloping-sha512-rsa_sha384.xml");
test_create_signature_enveloping(sha512, rsaSha384, rsa1024,
getPrivateKey("RSA", 1024), kvks, false);
getPrivateKey("RSA", 1024), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_sha512_rsa_sha224()
throws Exception {
System.out.println("* Generating signature-enveloping-sha512-rsa_sha224.xml");
test_create_signature_enveloping(sha512, rsaSha224, rsa1024,
getPrivateKey("RSA", 1024), kvks, false);
getPrivateKey("RSA", 1024), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_sha512_rsa_sha512()
throws Exception {
System.out.println("* Generating signature-enveloping-sha512-rsa_sha512.xml");
test_create_signature_enveloping(sha512, rsaSha512, rsa1024,
getPrivateKey("RSA", 1024), kvks, false);
getPrivateKey("RSA", 1024), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_sha512_rsa_sha1_mgf1()
throws Exception {
System.out.println("* Generating signature-enveloping-sha512-rsa_sha1_mgf1.xml");
test_create_signature_enveloping(sha512, rsaSha1mgf1, rsa1024,
getPrivateKey("RSA", 1024), kvks, false);
getPrivateKey("RSA", 1024), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_sha512_rsa_sha224_mgf1()
throws Exception {
System.out.println("* Generating signature-enveloping-sha512-rsa_sha224_mgf1.xml");
test_create_signature_enveloping(sha512, rsaSha224mgf1, rsa1024,
getPrivateKey("RSA", 1024), kvks, false);
getPrivateKey("RSA", 1024), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_sha512_rsa_sha256_mgf1()
throws Exception {
System.out.println("* Generating signature-enveloping-sha512-rsa_sha256_mgf1.xml");
test_create_signature_enveloping(sha512, rsaSha256mgf1, rsa1024,
getPrivateKey("RSA", 1024), kvks, false);
getPrivateKey("RSA", 1024), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_sha512_rsa_sha384_mgf1()
throws Exception {
System.out.println("* Generating signature-enveloping-sha512-rsa_sha384_mgf1.xml");
test_create_signature_enveloping(sha512, rsaSha384mgf1, rsa1024,
getPrivateKey("RSA", 1024), kvks, false);
getPrivateKey("RSA", 1024), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_sha512_rsa_sha512_mgf1()
throws Exception {
System.out.println("* Generating signature-enveloping-sha512-rsa_sha512_mgf1.xml");
test_create_signature_enveloping(sha512, rsaSha512mgf1, rsa2048,
getPrivateKey("RSA", 2048), kvks, false);
getPrivateKey("RSA", 2048), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_p256_sha1() throws Exception {
System.out.println("* Generating signature-enveloping-p256-sha1.xml");
test_create_signature_enveloping(sha1, ecdsaSha1, p256ki,
getECPrivateKey("P256"), kvks, false);
getECPrivateKey("P256"), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_p256_sha224() throws Exception {
System.out.println("* Generating signature-enveloping-p256-sha224.xml");
test_create_signature_enveloping(sha1, ecdsaSha224, p256ki,
getECPrivateKey("P256"), kvks, false);
getECPrivateKey("P256"), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_p256_sha256() throws Exception {
System.out.println("* Generating signature-enveloping-p256-sha256.xml");
test_create_signature_enveloping(sha1, ecdsaSha256, p256ki,
getECPrivateKey("P256"), kvks, false);
getECPrivateKey("P256"), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_p256_sha384() throws Exception {
System.out.println("* Generating signature-enveloping-p256-sha384.xml");
test_create_signature_enveloping(sha1, ecdsaSha384, p256ki,
getECPrivateKey("P256"), kvks, false);
getECPrivateKey("P256"), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_p256_sha512() throws Exception {
System.out.println("* Generating signature-enveloping-p256-sha512.xml");
test_create_signature_enveloping(sha1, ecdsaSha512, p256ki,
getECPrivateKey("P256"), kvks, false);
getECPrivateKey("P256"), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_p384_sha1() throws Exception {
System.out.println("* Generating signature-enveloping-p384-sha1.xml");
test_create_signature_enveloping(sha1, ecdsaSha1, p384ki,
getECPrivateKey("P384"), kvks, false);
getECPrivateKey("P384"), kvks, false, true);
System.out.println();
}

static void test_create_signature_enveloping_p521_sha1() throws Exception {
System.out.println("* Generating signature-enveloping-p521-sha1.xml");
test_create_signature_enveloping(sha1, ecdsaSha1, p521ki,
getECPrivateKey("P521"), kvks, false);
getECPrivateKey("P521"), kvks, false, true);
System.out.println();
}

@@ -963,6 +963,7 @@ static void test_create_signature_reference_dependency() throws Exception {

DOMValidateContext dvc = new DOMValidateContext
(kvks, doc.getDocumentElement());
dvc.setProperty("org.jcp.xml.dsig.secureValidation", false);
XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);

if (sig.equals(sig2) == false) {
@@ -1010,6 +1011,7 @@ static void test_create_signature_with_attr_in_no_namespace()

DOMValidateContext dvc = new DOMValidateContext
(kvks, doc.getDocumentElement());
dvc.setProperty("org.jcp.xml.dsig.secureValidation", false);
dvc.setIdAttributeNS(nc, null, "Id");
XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);

@@ -1451,7 +1453,7 @@ private static void dumpDocument(Document doc, Writer w) throws Exception {

private static void test_create_signature_enveloping
(DigestMethod dm, SignatureMethod sm, KeyInfo ki, Key signingKey,
KeySelector ks, boolean b64) throws Exception {
KeySelector ks, boolean b64, boolean secVal) throws Exception {

// create reference
Reference ref;
@@ -1486,6 +1488,7 @@ private static void dumpDocument(Document doc, Writer w) throws Exception {

DOMValidateContext dvc = new DOMValidateContext
(ks, doc.getDocumentElement());
dvc.setProperty("org.jcp.xml.dsig.secureValidation", secVal);
XMLSignature sig2 = fac.unmarshalXMLSignature(dvc);

if (sig.equals(sig2) == false) {
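Review bot: The call sites that now disable secure validation carry no comment saying which policy constraint each test would otherwise violate: the `getPrivateKey("RSA", 512)` cases pass `secVal` as false, and test_create_signature_reference_dependency and test_create_signature_with_attr_in_no_namespace set the property to a literal `false`. A short comment at each would keep the opt-out from being copied blindly, for example `// 512-bit RSA key is rejected by the secure validation policy, so validate with the mode off` (presumably the reason; confirm against the policy). None of the visible hunks asserts that these signatures are rejected when the mode is left at its new default, so a negative test may be worth adding if one does not already exist elsewhere. The trailing `false, true` pair is also hard to read at the call site; naming the arguments in a comment (`/* b64 */ false, /* secVal */ true`) would help. Several of these methods begin or end outside their hunks.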

1 comment on commit baf46ba


@openjdk-notifier openjdk-notifier bot commented on baf46ba Jan 28, 2021
