8153005: Upgrade the default PKCS12 encryption/MAC algorithms #473
TBD: We bumped iteration counts for PBE and HMAC to 50000 and 100000 when we were using weak algorithms. Now that the algorithms are strong, we can consider lowering them. Currently, openssl 3.0.0 uses 2048 and Windows Server 2019 uses 2000.
@@ -48,7 +48,11 @@ | |||
|
|||
public static void main(String[] args) throws Throwable { | |||
|
|||
SecurityTools.keytool("-genkeypair -storetype pkcs12 -keystore ks" | |||
// Using the old algorithms to make sure the file is recognized |
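Review bot: the comment on the last visible line of this hunk, "// Using the old algorithms to make sure the file is recognized", does not say which consumer has to recognize the file or which algorithms count as old. Naming both in the comment would tell a later reader when the legacy settings on this keytool -genkeypair call can be dropped.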
Do we also want to have a test that uses the new algorithms?
I only know Windows Server 2019 can accept the new algorithms.
Ok, but maybe we can split this test in two and use the jtreg @requires tag to run the newer algorithms on Windows Server 2019? It would be a useful test if this is the only test where we test PKCS12 interop with Windows.
OK. Or I can see if there is an existing method in test/lib that can detect the version.
@@ -1,5 +1,5 @@ | |||
/* |
Is this test change supposed to be a part of this fix?
Yes, the change simplifies checkAlg calls so they don't need to convert KnownOIDs or String to ObjectIdentifier first.
private static final String DEFAULT_KEY_PBE_ALGORITHM | ||
= "PBEWithHmacSHA256AndAES_256"; | ||
private static final String DEFAULT_MAC_ALGORITHM = "HmacPBESHA256"; | ||
private static final int DEFAULT_PBE_ITERATION_COUNT = 50000; |
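Review bot: DEFAULT_PBE_ITERATION_COUNT = 50000 sits next to DEFAULT_KEY_PBE_ALGORITHM and DEFAULT_MAC_ALGORITHM as a bare literal, with no comment saying why this value was chosen or which of the operations it applies to. A one-line comment recording the rationale would make later changes to the count easier to review.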
As we have keystore.pkcs12.certPbeIterationCount and keystore.pkcs12.keyPbeIterationCount, I would like to suggest that we can define DEFAULT_CERT_PBE_ITERATION_COUNT and DEFAULT_KEY_PBE_ITERATION_COUNT, specifying each of the values for finer granularity. Same for LEGACY_PBE_ITERATION_COUNT.
@@ -48,7 +48,11 @@ | |||
|
Add bug number to @bug.
OK.
CSR looks good. In the "Specification" section: a typo in 'Thr iteration counts used by'. At the end, it describes that the new system property will override the security properties and use the older and weaker algorithms, so I suggest we could also add text about setting the iteration counts to the default legacy values.
CSR updated. More description, and iteration counts lowered to 10000. Will update code soon.
New commit updating ic to 10000. I also created separate constants for DEFAULT_CERT_PBE_ITERATION_COUNT and DEFAULT_KEY_PBE_ITERATION_COUNT. I haven't made the change for LEGACY_PBE_ITERATION_COUNT since they will never change.
Are you still planning, or is it possible to add a test for Windows 2019? Also, have you considered adding a test that checks if the JDK can read OpenSSL PKCS#12 files and vice versa? Maybe we can do that later as a follow-on issue. Otherwise, I will approve.
I tried but cannot find a way to tell if a system is Windows Server 2016 or 2019. Their os.version is all 10.0. I've filed an enhancement at https://bugs.openjdk.java.net/browse/JDK-8254241 for it. That said, I did try running the test on a Windows Server 2019 using new algorithms and it succeeds.
There are existing tests reading openssl generated pkcs12 files in https://github.com/openjdk/jdk/tree/master/test/jdk/sun/security/pkcs12/params, it already contains files using both weak and strong algorithms.
Update: Thinking about adding a benchmark, but it will be in another commit.
/csr needed
@wangweij this pull request will not be integrated until the CSR request JDK-8228481 for issue JDK-8153005 has been approved.
@wangweij This change now passes all automated pre-integration checks. After integration, the commit message for the final commit will be:
You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 81 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.
/integrate
@wangweij Since your change was applied there have been 81 commits pushed to the
Your commit was automatically rebased without conflicts. Pushed as commit f77a658.
Default algorithms are bumped to be based on PBES2 with AES-256 and SHA-256. Please also review the CSR at https://bugs.openjdk.java.net/browse/JDK-8228481.
Download
$ git fetch https://git.openjdk.java.net/jdk pull/473/head:pull/473
$ git checkout pull/473