JDK-8244286 : Release Note: Tools Warn If Weak Algorithms Are Used
- Type: Sub-task
- Component: security-libs
- Sub-Component: java.security
- Affected Version: 7u281,8u271,11.0.9-oracle,15
- Priority: P4
- Status: Closed
- Resolution: Delivered
- Submitted: 2020-05-02
- Updated: 2021-12-02
- Resolved: 2020-08-04
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 11 | JDK 15 | JDK 7 | JDK 8 |
|---|---|---|---|
| 11.0.9-oracleResolved | 15Resolved  |
7u281Resolved | 8u271Resolved |
Description
The `keytool` and `jarsigner` tools have been updated to warn users when weak cryptographic algorithms are used in keys, certificates, and signed JARs before they are disabled. The weak algorithms are set in the `jdk.security.legacyAlgorithms` security property in the `java.security` configuration file. In this release, the tools issue warnings for the SHA-1 hash algorithm and 1024-bit RSA/DSA keys.