JDK-8261246 : Disable SHA-1 XML Signatures
  • Type: CSR
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Priority: P3
  • Status: Closed
  • Resolution: Approved
  • Fix Versions: 17
  • Submitted: 2021-02-05
  • Updated: 2021-09-21
  • Resolved: 2021-02-09
Related Reports
CSR :  
Description
Summary
-------

Disable by default XML Signatures that use SHA-1 based digest or signature algorithms. SHA-1 is no longer a recommended algorithm for digital signatures.

Problem
-------

SHA-1 is no longer a recommended algorithm. This will improve out of the box security by restricting XML signatures that use SHA-1 algorithms.

Solution
--------

Disable SHA-1 by adding the signature and digest algorithm URIs that use SHA-1 to the `jdk.xml.dsig.secureValidationPolicy` security property.  The hmac-sha1 algorithm will not be disabled
however as it does not have the same security weaknesses.

Specification
-------------
Make the following changes to the `java.security` configuration file:
```
  jdk.xml.dsig.secureValidationPolicy=\
      disallowAlg http://www.w3.org/TR/1999/REC-xslt-19991116,\
      disallowAlg http://www.w3.org/2001/04/xmldsig-more#rsa-md5,\
      disallowAlg http://www.w3.org/2001/04/xmldsig-more#hmac-md5,\
      disallowAlg http://www.w3.org/2001/04/xmldsig-more#md5,\
+     disallowAlg http://www.w3.org/2000/09/xmldsig#sha1,\
+     disallowAlg http://www.w3.org/2000/09/xmldsig#dsa-sha1,\
+     disallowAlg http://www.w3.org/2000/09/xmldsig#rsa-sha1,\
+     disallowAlg http://www.w3.org/2007/05/xmldsig-more#sha1-rsa-MGF1,\
+     disallowAlg http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1,\
      maxTransforms 5,\
      maxReferences 30,\
      disallowReferenceUriSchemes file http https,\
      minKeySize RSA 1024,\
      minKeySize DSA 1024,\
```

Comments
I see a release note is already planned; moving to Approved.
09-02-2021