JDK-8265086 : jarsigner tool should display descriptive message when multiple constraints are specified
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 7u291,8u281,11.0.8-oracle,16.0.1,17
  • Priority: P3
  • Status: Closed
  • Resolution: Duplicate
  • OS: generic
  • CPU: generic
  • Submitted: 2021-04-12
  • Updated: 2021-09-01
  • Resolved: 2021-09-01
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 18
18Resolved
Related Reports
Duplicate :  
JDK-8269039 - Disable SHA-1 Signed JARs
Relates :  
JDK-8273236 - keytool does not accurately warn about algorithms that are disabled but have additional constraints
Description
Issue:
When multiple constraints are specified in java.security file to restrict certain algorithm. 
Jarsigner doesn't display appropriate error mesage indicating which security property is causing the operation to fail.

Steps to reprodue:

1. Add the constraint "SHA1 jdkCA" to "jdk.jar.disabledAlgorithms" property in java.security file as below:

jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
      DSA keySize < 1024, include jdk.disabled.namedCurves, \
      SHA1 jdkCA

2. Create a jar file (any simple jar).

3. Generate Key pair and rootCA using below keytool command.

i. keytool -genkey -keystore keystoressl.jks -alias "ssl [jdk]" -keyalg RSA -sigalg SHA1withRSA -validity 365 -keysize 1024

ii. keytool -export -alias "ssl [jdk]" -keystore keystoressl.jks -rfc -file out.crt

4. Import this rootaCA (out.crt) to jdk cacerts

i. keytool -import -trustcacerts -keystore $LOCATION_TO_JDK_CA_CERTS
\-storepass changeit  -file $LOCATION_TO_ROOT_CA -alias "ssl [jdk]"

5. Sign the jar using SHA1 digest and signature alg.
jarsigner -keystore keystoressl.jks JarSignTester.jar "ssl [jdk]" -sigalg SHA1withRSA -digestalg sha1

6. Verify the jar
jarsigner -verify JarSignTester.jar -keystore keystoressl.jks -verbose -strict

The result look like below:
WARNING: Signature is either not parsable or not verifiable, and the jar will be treated as unsigned. For more information, re-run jarsigner with debug enabled (-J-Djava.security.debug=jar).

If jdkCA is removed from constraint keeping only SHA1, then we get the below descriptive results from jarsigner -verify

WARNING: The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled by the security property:

  jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024, include jdk.disabled.namedCurves, SHA1

I observed similar issue on latest jdk-jdk as well.
Comments
jarsigner warnings will be addressed as part of JDK-8269039. Changes for keytool will be addressed in a separate issue: JDK-8273236
01-09-2021
I have addressed this as part of JDK-8269039, so reassigning to myself. I will probably split off the keytool work (which is similar) into a separate issue though.
18-08-2021
There is a similar issue with keytool.
13-04-2021