Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8165274

SHA1 certpath constraint check fails with OCSP certificate

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P2
    • Resolution: Fixed
    • Affects Version/s: 9
    • Fix Version/s: 9
    • Component/s: security-libs
    • Labels:
    • Subcomponent:
    • Resolved In Build:
      b142
    • Verification:
      Verified

      Backports

        Description

        OCSP certificate with SHA1 signature is not algorithm constrained when jdk.certpath.disabledAlgorithms is set to restrict SHA1.

        A setup where certificate path includes all certificates with SHA256 except OCSP, successfully validates certpath when SHA1 is constrained. Since OCSP signer certificate has SHA1 signature, it should be restricted and validation should fail with "Algorithm constraint check failed".

        CRL signing should also be checked in the same context.

          Issue Links

            Activity

            Hide
            ascarpino Anthony Scarpino added a comment -
            Looking at the provided debug, certpath looks like it is blocking only certificate chains with trust anchors in cacerts file:
              certpath: jdkCAConstraints.permits(): SHA1

            From the subject name, this does not look like a pre-existing certificate in the cacerts:
              Issuer: CN=INT-SHA256, O=Oracle, ST=SCA, C=US

            Questions:
            What is jdk.certpath.disabledAlgorithms?
            Was a cert added to cacerts with the " [jdk]" as the suffix?
            Do you see farther up in the debug log, around checker2, it searching AnchorCertificate.contains() for a match?
            Show
            ascarpino Anthony Scarpino added a comment - Looking at the provided debug, certpath looks like it is blocking only certificate chains with trust anchors in cacerts file:   certpath: jdkCAConstraints.permits(): SHA1 From the subject name, this does not look like a pre-existing certificate in the cacerts:   Issuer: CN=INT-SHA256, O=Oracle, ST=SCA, C=US Questions: What is jdk.certpath.disabledAlgorithms? Was a cert added to cacerts with the " [jdk]" as the suffix? Do you see farther up in the debug log, around checker2, it searching AnchorCertificate.contains() for a match?
            Hide
            rhalade Rajan Halade added a comment -
            What is jdk.certpath.disabledAlgorithms?
            jdk.certpath.disabledAlgorithms is set to "MD2, MD5, SHA-1 jdkCA"

            Was a cert added to cacerts with the " [jdk]" as the suffix?
            Yes, CA is with " [jdk]" suffix.

            Do you see farther up in the debug log, around checker2, it searching AnchorCertificate.contains() for a match?
            EE certificate has SHA256 signature, the issue is with OCSP certificate which has SHA1 signature.
            Show
            rhalade Rajan Halade added a comment - What is jdk.certpath.disabledAlgorithms? jdk.certpath.disabledAlgorithms is set to "MD2, MD5, SHA-1 jdkCA" Was a cert added to cacerts with the " [jdk]" as the suffix? Yes, CA is with " [jdk]" suffix. Do you see farther up in the debug log, around checker2, it searching AnchorCertificate.contains() for a match? EE certificate has SHA256 signature, the issue is with OCSP certificate which has SHA1 signature.
            Hide
            rhalade Rajan Halade added a comment -
            Check DisabledAlgorithmConstraints:527 fails as trustedMatch is set to false.

            OCSPResponse.verify:504, while creating AlgorithmChecker, OCSP responders issuerCert is passed as TrustAnhor. This test uses folllowing chain:

            - CA -> INT-SHA256 -> EE-SHA256
                                              -> OCSP-SHA1

            Since issuer for OCSP-SHA1 is INT-SHA256, which is not in cacerts, trustsedMatch is set to false and as a result, DisabledAlgorithmConstraints:527 accepts OCSP with SHA1 signature.

            OCSPResponse.verify:504 should chain all the way to find top trustAnchor and then set trustedMatch.
            Show
            rhalade Rajan Halade added a comment - Check DisabledAlgorithmConstraints:527 fails as trustedMatch is set to false. OCSPResponse.verify:504, while creating AlgorithmChecker, OCSP responders issuerCert is passed as TrustAnhor. This test uses folllowing chain: - CA -> INT-SHA256 -> EE-SHA256                                   -> OCSP-SHA1 Since issuer for OCSP-SHA1 is INT-SHA256, which is not in cacerts, trustsedMatch is set to false and as a result, DisabledAlgorithmConstraints:527 accepts OCSP with SHA1 signature. OCSPResponse.verify:504 should chain all the way to find top trustAnchor and then set trustedMatch.
            Hide
            hgupdate HG Updates added a comment -
            URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/70abbd047ed7
            User: ascarpino
            Date: 2016-10-18 22:13:51 +0000
            Show
            hgupdate HG Updates added a comment - URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/70abbd047ed7 User: ascarpino Date: 2016-10-18 22:13:51 +0000
            Hide
            hgupdate HG Updates added a comment -
            URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/70abbd047ed7
            User: lana
            Date: 2016-10-26 20:16:10 +0000
            Show
            hgupdate HG Updates added a comment - URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/70abbd047ed7 User: lana Date: 2016-10-26 20:16:10 +0000

              People

              • Assignee:
                ascarpino Anthony Scarpino
                Reporter:
                rhalade Rajan Halade
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: