On Fri, 18 Jul 2025 01:44:33 GMT, Valerie Peng <valer...@openjdk.org> wrote:
> This enhancement introduces a new security property
> "jdk.crypto.disabledAlgorithms" which can be leveraged to disable algorithms
> for JCE/JCA crypto services. For now, only Cipher, KeyStore, MessageDigest,
> and Signature services support this new security property. The support can be
> expanded later to cover more services if needed. Note that this security
> property is meant to disable algorithms irrespective of providers. If the
> algorithm is found to be disabled, it will be rejected before reaching out to
> provider(s) for the corresponding implementation(s).
>
> A few implementation notes:
> 1) The specified security property value is lazily loaded and all changes
> after it's been loaded are ignored. Invalid entries, e.g. wrong syntax, are
> ignored and removed. The algorithm name check is case-insensitive. If a
> disabled algorithm is known to has an object identifier (oid) by JDK, this
> oid and its aliases is also added to the disabled services.
> 2) The algorithm name checking impl is based on the
> sun.security.util.AlgorithmConstraints class, but without the decomposing and
> different constraints.
> 3) The hardwiring of NONEwithRSA signature to RSA/ECB/PKCS1Padding cipher in
> java.security.Signature class is removed. Instead, this is moved to the
> provider level, i.e. SunJCE and SunPKCS11 provider are changed to claim the
> NONEwithRSA signature support. Disabling one will not affect the other.
>
> CSR will be filed once the review is wrapping up.
>
> Thanks~
> Valerie
Some initial comments.
src/java.base/share/classes/javax/crypto/Cipher.java line 526:
> 524: * on the transformation defaults used by JDK providers.
> 525: * </li>
> 526: * <li>the {@code jdk.crypto.disabledAlgorithms}
Missing "The JDK Reference Implementation additionally uses".
src/java.base/share/classes/javax/crypto/Cipher.java line 702:
> 700: * on the transformation defaults used by JDK providers.
> 701: *
> 702: * @implNote
You also need a similar implNote for `getInstance(String, String)`.
src/java.base/share/classes/javax/crypto/Cipher.java line 706:
> 704: * the {@code jdk.crypto.disabledAlgorithms}
> 705: * {@link Security#getProperty(String) Security} property to
> determine
> 706: * if the specified keystore type is allowed.
s/keystore type/algorithm/
-------------
PR Review: https://git.openjdk.org/jdk/pull/26377#pullrequestreview-3053183717
PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2229514609
PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2229532938
PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2229513661
