java-17-openjdk/fips-17u-f8142a23d0a.patch
Andrew John Hughes 01cf14b7a6 Update FIPS support to bring in latest changes
* RH2036462: sun.security.pkcs11.wrapper.PKCS11.getInstance breakage
* RH2090378: Revert to disabling system security properties and FIPS mode support together

Rebase RH1648249 nss.cfg patch so it applies after the FIPS patch
Enable system security properties in the RPM (now disabled by default in the FIPS repo)
Improve security properties test to check both enabled and disabled behaviour
Run security properties test with property debugging on

Resolves: rhbz#2099844
Resolves: rhbz#2100677
2022-06-27 18:43:22 +01:00

3659 lines
161 KiB
Diff

diff --git a/make/autoconf/lib-sysconf.m4 b/make/autoconf/lib-sysconf.m4
new file mode 100644
index 00000000000..b2b1c1787da
--- /dev/null
+++ b/make/autoconf/lib-sysconf.m4
@@ -0,0 +1,84 @@
+#
+# Copyright (c) 2021, Red Hat, Inc.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation. Oracle designates this
+# particular file as subject to the "Classpath" exception as provided
+# by Oracle in the LICENSE file that accompanied this code.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+################################################################################
+# Setup system configuration libraries
+################################################################################
+AC_DEFUN_ONCE([LIB_SETUP_SYSCONF_LIBS],
+[
+ ###############################################################################
+ #
+ # Check for the NSS library
+ #
+
+ AC_MSG_CHECKING([whether to use the system NSS library with the System Configurator (libsysconf)])
+
+ # default is not available
+ DEFAULT_SYSCONF_NSS=no
+
+ AC_ARG_ENABLE([sysconf-nss], [AS_HELP_STRING([--enable-sysconf-nss],
+ [build the System Configurator (libsysconf) using the system NSS library if available @<:@disabled@:>@])],
+ [
+ case "${enableval}" in
+ yes)
+ sysconf_nss=yes
+ ;;
+ *)
+ sysconf_nss=no
+ ;;
+ esac
+ ],
+ [
+ sysconf_nss=${DEFAULT_SYSCONF_NSS}
+ ])
+ AC_MSG_RESULT([$sysconf_nss])
+
+ USE_SYSCONF_NSS=false
+ if test "x${sysconf_nss}" = "xyes"; then
+ PKG_CHECK_MODULES(NSS, nss >= 3.53, [NSS_FOUND=yes], [NSS_FOUND=no])
+ if test "x${NSS_FOUND}" = "xyes"; then
+ AC_MSG_CHECKING([for system FIPS support in NSS])
+ saved_libs="${LIBS}"
+ saved_cflags="${CFLAGS}"
+ CFLAGS="${CFLAGS} ${NSS_CFLAGS}"
+ LIBS="${LIBS} ${NSS_LIBS}"
+ AC_LANG_PUSH([C])
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <nss3/pk11pub.h>]],
+ [[SECMOD_GetSystemFIPSEnabled()]])],
+ [AC_MSG_RESULT([yes])],
+ [AC_MSG_RESULT([no])
+ AC_MSG_ERROR([System NSS FIPS detection unavailable])])
+ AC_LANG_POP([C])
+ CFLAGS="${saved_cflags}"
+ LIBS="${saved_libs}"
+ USE_SYSCONF_NSS=true
+ else
+ dnl NSS 3.53 is the one that introduces the SECMOD_GetSystemFIPSEnabled API
+ dnl in nss3/pk11pub.h.
+ AC_MSG_ERROR([--enable-sysconf-nss specified, but NSS 3.53 or above not found.])
+ fi
+ fi
+ AC_SUBST(USE_SYSCONF_NSS)
+])
diff --git a/make/autoconf/libraries.m4 b/make/autoconf/libraries.m4
index a65d91ee974..a8f054c1397 100644
--- a/make/autoconf/libraries.m4
+++ b/make/autoconf/libraries.m4
@@ -33,6 +33,7 @@ m4_include([lib-std.m4])
m4_include([lib-x11.m4])
m4_include([lib-fontconfig.m4])
m4_include([lib-tests.m4])
+m4_include([lib-sysconf.m4])
################################################################################
# Determine which libraries are needed for this configuration
@@ -104,6 +105,7 @@ AC_DEFUN_ONCE([LIB_SETUP_LIBRARIES],
LIB_SETUP_BUNDLED_LIBS
LIB_SETUP_MISC_LIBS
LIB_TESTS_SETUP_GTEST
+ LIB_SETUP_SYSCONF_LIBS
BASIC_JDKLIB_LIBS=""
if test "x$TOOLCHAIN_TYPE" != xmicrosoft; then
diff --git a/make/autoconf/spec.gmk.in b/make/autoconf/spec.gmk.in
index c2c9c4adf3a..9d105b37acf 100644
--- a/make/autoconf/spec.gmk.in
+++ b/make/autoconf/spec.gmk.in
@@ -836,6 +836,10 @@ INSTALL_SYSCONFDIR=@sysconfdir@
# Libraries
#
+USE_SYSCONF_NSS:=@USE_SYSCONF_NSS@
+NSS_LIBS:=@NSS_LIBS@
+NSS_CFLAGS:=@NSS_CFLAGS@
+
USE_EXTERNAL_LCMS:=@USE_EXTERNAL_LCMS@
LCMS_CFLAGS:=@LCMS_CFLAGS@
LCMS_LIBS:=@LCMS_LIBS@
diff --git a/make/modules/java.base/Lib.gmk b/make/modules/java.base/Lib.gmk
index 5658ff342e5..cb7a56852f7 100644
--- a/make/modules/java.base/Lib.gmk
+++ b/make/modules/java.base/Lib.gmk
@@ -167,6 +167,31 @@ ifeq ($(call isTargetOsType, unix), true)
endif
endif
+################################################################################
+# Create the systemconf library
+
+LIBSYSTEMCONF_CFLAGS :=
+LIBSYSTEMCONF_CXXFLAGS :=
+
+ifeq ($(USE_SYSCONF_NSS), true)
+ LIBSYSTEMCONF_CFLAGS += $(NSS_CFLAGS) -DSYSCONF_NSS
+ LIBSYSTEMCONF_CXXFLAGS += $(NSS_CFLAGS) -DSYSCONF_NSS
+endif
+
+ifeq ($(OPENJDK_BUILD_OS), linux)
+ $(eval $(call SetupJdkLibrary, BUILD_LIBSYSTEMCONF, \
+ NAME := systemconf, \
+ OPTIMIZATION := LOW, \
+ CFLAGS := $(CFLAGS_JDKLIB) $(LIBSYSTEMCONF_CFLAGS), \
+ CXXFLAGS := $(CXXFLAGS_JDKLIB) $(LIBSYSTEMCONF_CXXFLAGS), \
+ LDFLAGS := $(LDFLAGS_JDKLIB) \
+ $(call SET_SHARED_LIBRARY_ORIGIN), \
+ LIBS_unix := $(LIBDL) $(NSS_LIBS), \
+ ))
+
+ TARGETS += $(BUILD_LIBSYSTEMCONF)
+endif
+
################################################################################
# Create the symbols file for static builds.
diff --git a/src/java.base/linux/native/libsystemconf/systemconf.c b/src/java.base/linux/native/libsystemconf/systemconf.c
new file mode 100644
index 00000000000..8dcb7d9073f
--- /dev/null
+++ b/src/java.base/linux/native/libsystemconf/systemconf.c
@@ -0,0 +1,224 @@
+/*
+ * Copyright (c) 2021, Red Hat, Inc.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+#include <jni.h>
+#include <jni_util.h>
+#include "jvm_md.h"
+#include <stdio.h>
+
+#ifdef SYSCONF_NSS
+#include <nss3/pk11pub.h>
+#else
+#include <dlfcn.h>
+#endif //SYSCONF_NSS
+
+#include "java_security_SystemConfigurator.h"
+
+#define MSG_MAX_SIZE 256
+#define FIPS_ENABLED_PATH "/proc/sys/crypto/fips_enabled"
+
+typedef int (SECMOD_GET_SYSTEM_FIPS_ENABLED_TYPE)(void);
+
+static SECMOD_GET_SYSTEM_FIPS_ENABLED_TYPE *getSystemFIPSEnabled;
+static jmethodID debugPrintlnMethodID = NULL;
+static jobject debugObj = NULL;
+
+static void dbgPrint(JNIEnv *env, const char* msg)
+{
+ jstring jMsg;
+ if (debugObj != NULL) {
+ jMsg = (*env)->NewStringUTF(env, msg);
+ CHECK_NULL(jMsg);
+ (*env)->CallVoidMethod(env, debugObj, debugPrintlnMethodID, jMsg);
+ }
+}
+
+static void throwIOException(JNIEnv *env, const char *msg)
+{
+ jclass cls = (*env)->FindClass(env, "java/io/IOException");
+ if (cls != 0)
+ (*env)->ThrowNew(env, cls, msg);
+}
+
+static void handle_msg(JNIEnv *env, const char* msg, int msg_bytes)
+{
+ if (msg_bytes > 0 && msg_bytes < MSG_MAX_SIZE) {
+ dbgPrint(env, msg);
+ } else {
+ dbgPrint(env, "systemconf: cannot render message");
+ }
+}
+
+// Only used when NSS is not linked at build time
+#ifndef SYSCONF_NSS
+
+static void *nss_handle;
+
+static jboolean loadNSS(JNIEnv *env)
+{
+ char msg[MSG_MAX_SIZE];
+ int msg_bytes;
+ const char* errmsg;
+
+ nss_handle = dlopen(JNI_LIB_NAME("nss3"), RTLD_LAZY);
+ if (nss_handle == NULL) {
+ errmsg = dlerror();
+ msg_bytes = snprintf(msg, MSG_MAX_SIZE, "loadNSS: dlopen: %s\n",
+ errmsg);
+ handle_msg(env, msg, msg_bytes);
+ return JNI_FALSE;
+ }
+ dlerror(); /* Clear errors */
+ getSystemFIPSEnabled = (SECMOD_GET_SYSTEM_FIPS_ENABLED_TYPE*)dlsym(nss_handle, "SECMOD_GetSystemFIPSEnabled");
+ if ((errmsg = dlerror()) != NULL) {
+ msg_bytes = snprintf(msg, MSG_MAX_SIZE, "loadNSS: dlsym: %s\n",
+ errmsg);
+ handle_msg(env, msg, msg_bytes);
+ return JNI_FALSE;
+ }
+ return JNI_TRUE;
+}
+
+static void closeNSS(JNIEnv *env)
+{
+ char msg[MSG_MAX_SIZE];
+ int msg_bytes;
+ const char* errmsg;
+
+ if (dlclose(nss_handle) != 0) {
+ errmsg = dlerror();
+ msg_bytes = snprintf(msg, MSG_MAX_SIZE, "closeNSS: dlclose: %s\n",
+ errmsg);
+ handle_msg(env, msg, msg_bytes);
+ }
+}
+
+#endif
+
+/*
+ * Class: java_security_SystemConfigurator
+ * Method: JNI_OnLoad
+ */
+JNIEXPORT jint JNICALL DEF_JNI_OnLoad(JavaVM *vm, void *reserved)
+{
+ JNIEnv *env;
+ jclass sysConfCls, debugCls;
+ jfieldID sdebugFld;
+
+ if ((*vm)->GetEnv(vm, (void**) &env, JNI_VERSION_1_2) != JNI_OK) {
+ return JNI_EVERSION; /* JNI version not supported */
+ }
+
+ sysConfCls = (*env)->FindClass(env,"java/security/SystemConfigurator");
+ if (sysConfCls == NULL) {
+ printf("libsystemconf: SystemConfigurator class not found\n");
+ return JNI_ERR;
+ }
+ sdebugFld = (*env)->GetStaticFieldID(env, sysConfCls,
+ "sdebug", "Lsun/security/util/Debug;");
+ if (sdebugFld == NULL) {
+ printf("libsystemconf: SystemConfigurator::sdebug field not found\n");
+ return JNI_ERR;
+ }
+ debugObj = (*env)->GetStaticObjectField(env, sysConfCls, sdebugFld);
+ if (debugObj != NULL) {
+ debugCls = (*env)->FindClass(env,"sun/security/util/Debug");
+ if (debugCls == NULL) {
+ printf("libsystemconf: Debug class not found\n");
+ return JNI_ERR;
+ }
+ debugPrintlnMethodID = (*env)->GetMethodID(env, debugCls,
+ "println", "(Ljava/lang/String;)V");
+ if (debugPrintlnMethodID == NULL) {
+ printf("libsystemconf: Debug::println(String) method not found\n");
+ return JNI_ERR;
+ }
+ debugObj = (*env)->NewGlobalRef(env, debugObj);
+ }
+
+#ifdef SYSCONF_NSS
+ getSystemFIPSEnabled = *SECMOD_GetSystemFIPSEnabled;
+#else
+ if (loadNSS(env) == JNI_FALSE) {
+ dbgPrint(env, "libsystemconf: Failed to load NSS library.");
+ }
+#endif
+
+ return (*env)->GetVersion(env);
+}
+
+/*
+ * Class: java_security_SystemConfigurator
+ * Method: JNI_OnUnload
+ */
+JNIEXPORT void JNICALL DEF_JNI_OnUnload(JavaVM *vm, void *reserved)
+{
+ JNIEnv *env;
+
+ if (debugObj != NULL) {
+ if ((*vm)->GetEnv(vm, (void**) &env, JNI_VERSION_1_2) != JNI_OK) {
+ return; /* Should not happen */
+ }
+#ifndef SYSCONF_NSS
+ closeNSS(env);
+#endif
+ (*env)->DeleteGlobalRef(env, debugObj);
+ }
+}
+
+JNIEXPORT jboolean JNICALL Java_java_security_SystemConfigurator_getSystemFIPSEnabled
+ (JNIEnv *env, jclass cls)
+{
+ int fips_enabled;
+ char msg[MSG_MAX_SIZE];
+ int msg_bytes;
+
+ if (getSystemFIPSEnabled != NULL) {
+ dbgPrint(env, "getSystemFIPSEnabled: calling SECMOD_GetSystemFIPSEnabled");
+ fips_enabled = (*getSystemFIPSEnabled)();
+ msg_bytes = snprintf(msg, MSG_MAX_SIZE, "getSystemFIPSEnabled:" \
+ " SECMOD_GetSystemFIPSEnabled returned 0x%x", fips_enabled);
+ handle_msg(env, msg, msg_bytes);
+ return (fips_enabled == 1 ? JNI_TRUE : JNI_FALSE);
+ } else {
+ FILE *fe;
+
+ dbgPrint(env, "getSystemFIPSEnabled: reading " FIPS_ENABLED_PATH);
+ if ((fe = fopen(FIPS_ENABLED_PATH, "r")) == NULL) {
+ throwIOException(env, "Cannot open " FIPS_ENABLED_PATH);
+ return JNI_FALSE;
+ }
+ fips_enabled = fgetc(fe);
+ fclose(fe);
+ if (fips_enabled == EOF) {
+ throwIOException(env, "Cannot read " FIPS_ENABLED_PATH);
+ return JNI_FALSE;
+ }
+ msg_bytes = snprintf(msg, MSG_MAX_SIZE, "getSystemFIPSEnabled:" \
+ " read character is '%c'", fips_enabled);
+ handle_msg(env, msg, msg_bytes);
+ return (fips_enabled == '1' ? JNI_TRUE : JNI_FALSE);
+ }
+}
diff --git a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
index a020e1c15d8..6d459fdec01 100644
--- a/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
+++ b/src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
@@ -31,6 +31,7 @@ import java.security.SecureRandom;
import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.List;
+import jdk.internal.access.SharedSecrets;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
import static sun.security.util.SecurityProviderConstants.*;
@@ -78,6 +79,10 @@ import static sun.security.util.SecurityProviderConstants.*;
public final class SunJCE extends Provider {
+ private static final boolean systemFipsEnabled =
+ SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled();
+
@java.io.Serial
private static final long serialVersionUID = 6812507587804302833L;
@@ -143,285 +148,287 @@ public final class SunJCE extends Provider {
void putEntries() {
// reuse attribute map and reset before each reuse
HashMap<String, String> attrs = new HashMap<>(3);
- attrs.put("SupportedModes", "ECB");
- attrs.put("SupportedPaddings", "NOPADDING|PKCS1PADDING|OAEPPADDING"
- + "|OAEPWITHMD5ANDMGF1PADDING"
- + "|OAEPWITHSHA1ANDMGF1PADDING"
- + "|OAEPWITHSHA-1ANDMGF1PADDING"
- + "|OAEPWITHSHA-224ANDMGF1PADDING"
- + "|OAEPWITHSHA-256ANDMGF1PADDING"
- + "|OAEPWITHSHA-384ANDMGF1PADDING"
- + "|OAEPWITHSHA-512ANDMGF1PADDING"
- + "|OAEPWITHSHA-512/224ANDMGF1PADDING"
- + "|OAEPWITHSHA-512/256ANDMGF1PADDING");
- attrs.put("SupportedKeyClasses",
- "java.security.interfaces.RSAPublicKey" +
- "|java.security.interfaces.RSAPrivateKey");
- ps("Cipher", "RSA",
- "com.sun.crypto.provider.RSACipher", null, attrs);
-
- // common block cipher modes, pads
- final String BLOCK_MODES = "ECB|CBC|PCBC|CTR|CTS|CFB|OFB" +
- "|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64" +
- "|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64";
- final String BLOCK_MODES128 = BLOCK_MODES +
- "|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128" +
- "|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128";
- final String BLOCK_PADS = "NOPADDING|PKCS5PADDING|ISO10126PADDING";
-
- attrs.clear();
- attrs.put("SupportedModes", BLOCK_MODES);
- attrs.put("SupportedPaddings", BLOCK_PADS);
- attrs.put("SupportedKeyFormats", "RAW");
- ps("Cipher", "DES",
- "com.sun.crypto.provider.DESCipher", null, attrs);
- psA("Cipher", "DESede", "com.sun.crypto.provider.DESedeCipher",
- attrs);
- ps("Cipher", "Blowfish",
- "com.sun.crypto.provider.BlowfishCipher", null, attrs);
-
- ps("Cipher", "RC2",
- "com.sun.crypto.provider.RC2Cipher", null, attrs);
-
- attrs.clear();
- attrs.put("SupportedModes", BLOCK_MODES128);
- attrs.put("SupportedPaddings", BLOCK_PADS);
- attrs.put("SupportedKeyFormats", "RAW");
- psA("Cipher", "AES",
- "com.sun.crypto.provider.AESCipher$General", attrs);
-
- attrs.clear();
- attrs.put("SupportedKeyFormats", "RAW");
- psA("Cipher", "AES/KW/NoPadding",
- "com.sun.crypto.provider.KeyWrapCipher$AES_KW_NoPadding",
- attrs);
- ps("Cipher", "AES/KW/PKCS5Padding",
- "com.sun.crypto.provider.KeyWrapCipher$AES_KW_PKCS5Padding",
- null, attrs);
- psA("Cipher", "AES/KWP/NoPadding",
- "com.sun.crypto.provider.KeyWrapCipher$AES_KWP_NoPadding",
- attrs);
-
- psA("Cipher", "AES_128/ECB/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES128_ECB_NoPadding",
- attrs);
- psA("Cipher", "AES_128/CBC/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES128_CBC_NoPadding",
- attrs);
- psA("Cipher", "AES_128/OFB/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES128_OFB_NoPadding",
- attrs);
- psA("Cipher", "AES_128/CFB/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES128_CFB_NoPadding",
- attrs);
- psA("Cipher", "AES_128/KW/NoPadding",
- "com.sun.crypto.provider.KeyWrapCipher$AES128_KW_NoPadding",
- attrs);
- ps("Cipher", "AES_128/KW/PKCS5Padding",
- "com.sun.crypto.provider.KeyWrapCipher$AES128_KW_PKCS5Padding",
- null, attrs);
- psA("Cipher", "AES_128/KWP/NoPadding",
- "com.sun.crypto.provider.KeyWrapCipher$AES128_KWP_NoPadding",
- attrs);
-
- psA("Cipher", "AES_192/ECB/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES192_ECB_NoPadding",
- attrs);
- psA("Cipher", "AES_192/CBC/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES192_CBC_NoPadding",
- attrs);
- psA("Cipher", "AES_192/OFB/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES192_OFB_NoPadding",
- attrs);
- psA("Cipher", "AES_192/CFB/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES192_CFB_NoPadding",
- attrs);
- psA("Cipher", "AES_192/KW/NoPadding",
- "com.sun.crypto.provider.KeyWrapCipher$AES192_KW_NoPadding",
- attrs);
- ps("Cipher", "AES_192/KW/PKCS5Padding",
- "com.sun.crypto.provider.KeyWrapCipher$AES192_KW_PKCS5Padding",
- null, attrs);
- psA("Cipher", "AES_192/KWP/NoPadding",
- "com.sun.crypto.provider.KeyWrapCipher$AES192_KWP_NoPadding",
- attrs);
-
- psA("Cipher", "AES_256/ECB/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES256_ECB_NoPadding",
- attrs);
- psA("Cipher", "AES_256/CBC/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES256_CBC_NoPadding",
- attrs);
- psA("Cipher", "AES_256/OFB/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES256_OFB_NoPadding",
- attrs);
- psA("Cipher", "AES_256/CFB/NoPadding",
- "com.sun.crypto.provider.AESCipher$AES256_CFB_NoPadding",
- attrs);
- psA("Cipher", "AES_256/KW/NoPadding",
- "com.sun.crypto.provider.KeyWrapCipher$AES256_KW_NoPadding",
- attrs);
- ps("Cipher", "AES_256/KW/PKCS5Padding",
- "com.sun.crypto.provider.KeyWrapCipher$AES256_KW_PKCS5Padding",
- null, attrs);
- psA("Cipher", "AES_256/KWP/NoPadding",
- "com.sun.crypto.provider.KeyWrapCipher$AES256_KWP_NoPadding",
- attrs);
-
- attrs.clear();
- attrs.put("SupportedModes", "GCM");
- attrs.put("SupportedKeyFormats", "RAW");
-
- ps("Cipher", "AES/GCM/NoPadding",
- "com.sun.crypto.provider.GaloisCounterMode$AESGCM", null,
- attrs);
- psA("Cipher", "AES_128/GCM/NoPadding",
- "com.sun.crypto.provider.GaloisCounterMode$AES128",
- attrs);
- psA("Cipher", "AES_192/GCM/NoPadding",
- "com.sun.crypto.provider.GaloisCounterMode$AES192",
- attrs);
- psA("Cipher", "AES_256/GCM/NoPadding",
- "com.sun.crypto.provider.GaloisCounterMode$AES256",
- attrs);
-
- attrs.clear();
- attrs.put("SupportedModes", "CBC");
- attrs.put("SupportedPaddings", "NOPADDING");
- attrs.put("SupportedKeyFormats", "RAW");
- ps("Cipher", "DESedeWrap",
- "com.sun.crypto.provider.DESedeWrapCipher", null, attrs);
-
- attrs.clear();
- attrs.put("SupportedModes", "ECB");
- attrs.put("SupportedPaddings", "NOPADDING");
- attrs.put("SupportedKeyFormats", "RAW");
- psA("Cipher", "ARCFOUR",
- "com.sun.crypto.provider.ARCFOURCipher", attrs);
-
- attrs.clear();
- attrs.put("SupportedKeyFormats", "RAW");
- ps("Cipher", "ChaCha20",
- "com.sun.crypto.provider.ChaCha20Cipher$ChaCha20Only",
- null, attrs);
- psA("Cipher", "ChaCha20-Poly1305",
- "com.sun.crypto.provider.ChaCha20Cipher$ChaCha20Poly1305",
- attrs);
-
- // PBES1
- psA("Cipher", "PBEWithMD5AndDES",
- "com.sun.crypto.provider.PBEWithMD5AndDESCipher",
- null);
- ps("Cipher", "PBEWithMD5AndTripleDES",
- "com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher");
- psA("Cipher", "PBEWithSHA1AndDESede",
- "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede",
- null);
- psA("Cipher", "PBEWithSHA1AndRC2_40",
- "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40",
- null);
- psA("Cipher", "PBEWithSHA1AndRC2_128",
- "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_128",
- null);
- psA("Cipher", "PBEWithSHA1AndRC4_40",
- "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_40",
- null);
-
- psA("Cipher", "PBEWithSHA1AndRC4_128",
- "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_128",
- null);
-
- // PBES2
- ps("Cipher", "PBEWithHmacSHA1AndAES_128",
- "com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_128");
-
- ps("Cipher", "PBEWithHmacSHA224AndAES_128",
- "com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_128");
-
- ps("Cipher", "PBEWithHmacSHA256AndAES_128",
- "com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_128");
-
- ps("Cipher", "PBEWithHmacSHA384AndAES_128",
- "com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_128");
-
- ps("Cipher", "PBEWithHmacSHA512AndAES_128",
- "com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_128");
-
- ps("Cipher", "PBEWithHmacSHA1AndAES_256",
- "com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_256");
-
- ps("Cipher", "PBEWithHmacSHA224AndAES_256",
- "com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_256");
-
- ps("Cipher", "PBEWithHmacSHA256AndAES_256",
- "com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_256");
-
- ps("Cipher", "PBEWithHmacSHA384AndAES_256",
- "com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_256");
-
- ps("Cipher", "PBEWithHmacSHA512AndAES_256",
- "com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_256");
-
- /*
- * Key(pair) Generator engines
- */
- ps("KeyGenerator", "DES",
- "com.sun.crypto.provider.DESKeyGenerator");
- psA("KeyGenerator", "DESede",
- "com.sun.crypto.provider.DESedeKeyGenerator",
- null);
- ps("KeyGenerator", "Blowfish",
- "com.sun.crypto.provider.BlowfishKeyGenerator");
- psA("KeyGenerator", "AES",
- "com.sun.crypto.provider.AESKeyGenerator",
- null);
- ps("KeyGenerator", "RC2",
- "com.sun.crypto.provider.KeyGeneratorCore$RC2KeyGenerator");
- psA("KeyGenerator", "ARCFOUR",
- "com.sun.crypto.provider.KeyGeneratorCore$ARCFOURKeyGenerator",
- null);
- ps("KeyGenerator", "ChaCha20",
- "com.sun.crypto.provider.KeyGeneratorCore$ChaCha20KeyGenerator");
- ps("KeyGenerator", "HmacMD5",
- "com.sun.crypto.provider.HmacMD5KeyGenerator");
-
- psA("KeyGenerator", "HmacSHA1",
- "com.sun.crypto.provider.HmacSHA1KeyGenerator", null);
- psA("KeyGenerator", "HmacSHA224",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA224",
- null);
- psA("KeyGenerator", "HmacSHA256",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA256",
- null);
- psA("KeyGenerator", "HmacSHA384",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA384",
- null);
- psA("KeyGenerator", "HmacSHA512",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA512",
- null);
- psA("KeyGenerator", "HmacSHA512/224",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA512_224",
- null);
- psA("KeyGenerator", "HmacSHA512/256",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA512_256",
- null);
-
- psA("KeyGenerator", "HmacSHA3-224",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA3_224",
- null);
- psA("KeyGenerator", "HmacSHA3-256",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA3_256",
- null);
- psA("KeyGenerator", "HmacSHA3-384",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA3_384",
- null);
- psA("KeyGenerator", "HmacSHA3-512",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA3_512",
- null);
-
- psA("KeyPairGenerator", "DiffieHellman",
- "com.sun.crypto.provider.DHKeyPairGenerator",
- null);
+ if (!systemFipsEnabled) {
+ attrs.put("SupportedModes", "ECB");
+ attrs.put("SupportedPaddings", "NOPADDING|PKCS1PADDING|OAEPPADDING"
+ + "|OAEPWITHMD5ANDMGF1PADDING"
+ + "|OAEPWITHSHA1ANDMGF1PADDING"
+ + "|OAEPWITHSHA-1ANDMGF1PADDING"
+ + "|OAEPWITHSHA-224ANDMGF1PADDING"
+ + "|OAEPWITHSHA-256ANDMGF1PADDING"
+ + "|OAEPWITHSHA-384ANDMGF1PADDING"
+ + "|OAEPWITHSHA-512ANDMGF1PADDING"
+ + "|OAEPWITHSHA-512/224ANDMGF1PADDING"
+ + "|OAEPWITHSHA-512/256ANDMGF1PADDING");
+ attrs.put("SupportedKeyClasses",
+ "java.security.interfaces.RSAPublicKey" +
+ "|java.security.interfaces.RSAPrivateKey");
+ ps("Cipher", "RSA",
+ "com.sun.crypto.provider.RSACipher", null, attrs);
+
+ // common block cipher modes, pads
+ final String BLOCK_MODES = "ECB|CBC|PCBC|CTR|CTS|CFB|OFB" +
+ "|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64" +
+ "|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64";
+ final String BLOCK_MODES128 = BLOCK_MODES +
+ "|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128" +
+ "|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128";
+ final String BLOCK_PADS = "NOPADDING|PKCS5PADDING|ISO10126PADDING";
+
+ attrs.clear();
+ attrs.put("SupportedModes", BLOCK_MODES);
+ attrs.put("SupportedPaddings", BLOCK_PADS);
+ attrs.put("SupportedKeyFormats", "RAW");
+ ps("Cipher", "DES",
+ "com.sun.crypto.provider.DESCipher", null, attrs);
+ psA("Cipher", "DESede", "com.sun.crypto.provider.DESedeCipher",
+ attrs);
+ ps("Cipher", "Blowfish",
+ "com.sun.crypto.provider.BlowfishCipher", null, attrs);
+
+ ps("Cipher", "RC2",
+ "com.sun.crypto.provider.RC2Cipher", null, attrs);
+
+ attrs.clear();
+ attrs.put("SupportedModes", BLOCK_MODES128);
+ attrs.put("SupportedPaddings", BLOCK_PADS);
+ attrs.put("SupportedKeyFormats", "RAW");
+ psA("Cipher", "AES",
+ "com.sun.crypto.provider.AESCipher$General", attrs);
+
+ attrs.clear();
+ attrs.put("SupportedKeyFormats", "RAW");
+ psA("Cipher", "AES/KW/NoPadding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES_KW_NoPadding",
+ attrs);
+ ps("Cipher", "AES/KW/PKCS5Padding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES_KW_PKCS5Padding",
+ null, attrs);
+ psA("Cipher", "AES/KWP/NoPadding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES_KWP_NoPadding",
+ attrs);
+
+ psA("Cipher", "AES_128/ECB/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES128_ECB_NoPadding",
+ attrs);
+ psA("Cipher", "AES_128/CBC/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES128_CBC_NoPadding",
+ attrs);
+ psA("Cipher", "AES_128/OFB/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES128_OFB_NoPadding",
+ attrs);
+ psA("Cipher", "AES_128/CFB/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES128_CFB_NoPadding",
+ attrs);
+ psA("Cipher", "AES_128/KW/NoPadding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES128_KW_NoPadding",
+ attrs);
+ ps("Cipher", "AES_128/KW/PKCS5Padding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES128_KW_PKCS5Padding",
+ null, attrs);
+ psA("Cipher", "AES_128/KWP/NoPadding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES128_KWP_NoPadding",
+ attrs);
+
+ psA("Cipher", "AES_192/ECB/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES192_ECB_NoPadding",
+ attrs);
+ psA("Cipher", "AES_192/CBC/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES192_CBC_NoPadding",
+ attrs);
+ psA("Cipher", "AES_192/OFB/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES192_OFB_NoPadding",
+ attrs);
+ psA("Cipher", "AES_192/CFB/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES192_CFB_NoPadding",
+ attrs);
+ psA("Cipher", "AES_192/KW/NoPadding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES192_KW_NoPadding",
+ attrs);
+ ps("Cipher", "AES_192/KW/PKCS5Padding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES192_KW_PKCS5Padding",
+ null, attrs);
+ psA("Cipher", "AES_192/KWP/NoPadding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES192_KWP_NoPadding",
+ attrs);
+
+ psA("Cipher", "AES_256/ECB/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES256_ECB_NoPadding",
+ attrs);
+ psA("Cipher", "AES_256/CBC/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES256_CBC_NoPadding",
+ attrs);
+ psA("Cipher", "AES_256/OFB/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES256_OFB_NoPadding",
+ attrs);
+ psA("Cipher", "AES_256/CFB/NoPadding",
+ "com.sun.crypto.provider.AESCipher$AES256_CFB_NoPadding",
+ attrs);
+ psA("Cipher", "AES_256/KW/NoPadding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES256_KW_NoPadding",
+ attrs);
+ ps("Cipher", "AES_256/KW/PKCS5Padding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES256_KW_PKCS5Padding",
+ null, attrs);
+ psA("Cipher", "AES_256/KWP/NoPadding",
+ "com.sun.crypto.provider.KeyWrapCipher$AES256_KWP_NoPadding",
+ attrs);
+
+ attrs.clear();
+ attrs.put("SupportedModes", "GCM");
+ attrs.put("SupportedKeyFormats", "RAW");
+
+ ps("Cipher", "AES/GCM/NoPadding",
+ "com.sun.crypto.provider.GaloisCounterMode$AESGCM", null,
+ attrs);
+ psA("Cipher", "AES_128/GCM/NoPadding",
+ "com.sun.crypto.provider.GaloisCounterMode$AES128",
+ attrs);
+ psA("Cipher", "AES_192/GCM/NoPadding",
+ "com.sun.crypto.provider.GaloisCounterMode$AES192",
+ attrs);
+ psA("Cipher", "AES_256/GCM/NoPadding",
+ "com.sun.crypto.provider.GaloisCounterMode$AES256",
+ attrs);
+
+ attrs.clear();
+ attrs.put("SupportedModes", "CBC");
+ attrs.put("SupportedPaddings", "NOPADDING");
+ attrs.put("SupportedKeyFormats", "RAW");
+ ps("Cipher", "DESedeWrap",
+ "com.sun.crypto.provider.DESedeWrapCipher", null, attrs);
+
+ attrs.clear();
+ attrs.put("SupportedModes", "ECB");
+ attrs.put("SupportedPaddings", "NOPADDING");
+ attrs.put("SupportedKeyFormats", "RAW");
+ psA("Cipher", "ARCFOUR",
+ "com.sun.crypto.provider.ARCFOURCipher", attrs);
+
+ attrs.clear();
+ attrs.put("SupportedKeyFormats", "RAW");
+ ps("Cipher", "ChaCha20",
+ "com.sun.crypto.provider.ChaCha20Cipher$ChaCha20Only",
+ null, attrs);
+ psA("Cipher", "ChaCha20-Poly1305",
+ "com.sun.crypto.provider.ChaCha20Cipher$ChaCha20Poly1305",
+ attrs);
+
+ // PBES1
+ psA("Cipher", "PBEWithMD5AndDES",
+ "com.sun.crypto.provider.PBEWithMD5AndDESCipher",
+ null);
+ ps("Cipher", "PBEWithMD5AndTripleDES",
+ "com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher");
+ psA("Cipher", "PBEWithSHA1AndDESede",
+ "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede",
+ null);
+ psA("Cipher", "PBEWithSHA1AndRC2_40",
+ "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40",
+ null);
+ psA("Cipher", "PBEWithSHA1AndRC2_128",
+ "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_128",
+ null);
+ psA("Cipher", "PBEWithSHA1AndRC4_40",
+ "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_40",
+ null);
+
+ psA("Cipher", "PBEWithSHA1AndRC4_128",
+ "com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC4_128",
+ null);
+
+ // PBES2
+ ps("Cipher", "PBEWithHmacSHA1AndAES_128",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_128");
+
+ ps("Cipher", "PBEWithHmacSHA224AndAES_128",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_128");
+
+ ps("Cipher", "PBEWithHmacSHA256AndAES_128",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_128");
+
+ ps("Cipher", "PBEWithHmacSHA384AndAES_128",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_128");
+
+ ps("Cipher", "PBEWithHmacSHA512AndAES_128",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_128");
+
+ ps("Cipher", "PBEWithHmacSHA1AndAES_256",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA1AndAES_256");
+
+ ps("Cipher", "PBEWithHmacSHA224AndAES_256",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA224AndAES_256");
+
+ ps("Cipher", "PBEWithHmacSHA256AndAES_256",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA256AndAES_256");
+
+ ps("Cipher", "PBEWithHmacSHA384AndAES_256",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA384AndAES_256");
+
+ ps("Cipher", "PBEWithHmacSHA512AndAES_256",
+ "com.sun.crypto.provider.PBES2Core$HmacSHA512AndAES_256");
+
+ /*
+ * Key(pair) Generator engines
+ */
+ ps("KeyGenerator", "DES",
+ "com.sun.crypto.provider.DESKeyGenerator");
+ psA("KeyGenerator", "DESede",
+ "com.sun.crypto.provider.DESedeKeyGenerator",
+ null);
+ ps("KeyGenerator", "Blowfish",
+ "com.sun.crypto.provider.BlowfishKeyGenerator");
+ psA("KeyGenerator", "AES",
+ "com.sun.crypto.provider.AESKeyGenerator",
+ null);
+ ps("KeyGenerator", "RC2",
+ "com.sun.crypto.provider.KeyGeneratorCore$RC2KeyGenerator");
+ psA("KeyGenerator", "ARCFOUR",
+ "com.sun.crypto.provider.KeyGeneratorCore$ARCFOURKeyGenerator",
+ null);
+ ps("KeyGenerator", "ChaCha20",
+ "com.sun.crypto.provider.KeyGeneratorCore$ChaCha20KeyGenerator");
+ ps("KeyGenerator", "HmacMD5",
+ "com.sun.crypto.provider.HmacMD5KeyGenerator");
+
+ psA("KeyGenerator", "HmacSHA1",
+ "com.sun.crypto.provider.HmacSHA1KeyGenerator", null);
+ psA("KeyGenerator", "HmacSHA224",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA224",
+ null);
+ psA("KeyGenerator", "HmacSHA256",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA256",
+ null);
+ psA("KeyGenerator", "HmacSHA384",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA384",
+ null);
+ psA("KeyGenerator", "HmacSHA512",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA512",
+ null);
+ psA("KeyGenerator", "HmacSHA512/224",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA512_224",
+ null);
+ psA("KeyGenerator", "HmacSHA512/256",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA512_256",
+ null);
+
+ psA("KeyGenerator", "HmacSHA3-224",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA3_224",
+ null);
+ psA("KeyGenerator", "HmacSHA3-256",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA3_256",
+ null);
+ psA("KeyGenerator", "HmacSHA3-384",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA3_384",
+ null);
+ psA("KeyGenerator", "HmacSHA3-512",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacKG$SHA3_512",
+ null);
+
+ psA("KeyPairGenerator", "DiffieHellman",
+ "com.sun.crypto.provider.DHKeyPairGenerator",
+ null);
+ }
/*
* Algorithm parameter generation engines
@@ -430,15 +437,17 @@ public final class SunJCE extends Provider {
"DiffieHellman", "com.sun.crypto.provider.DHParameterGenerator",
null);
- /*
- * Key Agreement engines
- */
- attrs.clear();
- attrs.put("SupportedKeyClasses", "javax.crypto.interfaces.DHPublicKey" +
- "|javax.crypto.interfaces.DHPrivateKey");
- psA("KeyAgreement", "DiffieHellman",
- "com.sun.crypto.provider.DHKeyAgreement",
- attrs);
+ if (!systemFipsEnabled) {
+ /*
+ * Key Agreement engines
+ */
+ attrs.clear();
+ attrs.put("SupportedKeyClasses", "javax.crypto.interfaces.DHPublicKey" +
+ "|javax.crypto.interfaces.DHPrivateKey");
+ psA("KeyAgreement", "DiffieHellman",
+ "com.sun.crypto.provider.DHKeyAgreement",
+ attrs);
+ }
/*
* Algorithm Parameter engines
@@ -531,197 +540,199 @@ public final class SunJCE extends Provider {
psA("AlgorithmParameters", "ChaCha20-Poly1305",
"com.sun.crypto.provider.ChaCha20Poly1305Parameters", null);
- /*
- * Key factories
- */
- psA("KeyFactory", "DiffieHellman",
- "com.sun.crypto.provider.DHKeyFactory",
- null);
-
- /*
- * Secret-key factories
- */
- ps("SecretKeyFactory", "DES",
- "com.sun.crypto.provider.DESKeyFactory");
-
- psA("SecretKeyFactory", "DESede",
- "com.sun.crypto.provider.DESedeKeyFactory", null);
-
- psA("SecretKeyFactory", "PBEWithMD5AndDES",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES",
- null);
-
- /*
- * Internal in-house crypto algorithm used for
- * the JCEKS keystore type. Since this was developed
- * internally, there isn't an OID corresponding to this
- * algorithm.
- */
- ps("SecretKeyFactory", "PBEWithMD5AndTripleDES",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndTripleDES");
-
- psA("SecretKeyFactory", "PBEWithSHA1AndDESede",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede",
- null);
-
- psA("SecretKeyFactory", "PBEWithSHA1AndRC2_40",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40",
- null);
-
- psA("SecretKeyFactory", "PBEWithSHA1AndRC2_128",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_128",
- null);
-
- psA("SecretKeyFactory", "PBEWithSHA1AndRC4_40",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_40",
- null);
-
- psA("SecretKeyFactory", "PBEWithSHA1AndRC4_128",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_128",
- null);
-
- ps("SecretKeyFactory", "PBEWithHmacSHA1AndAES_128",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_128");
-
- ps("SecretKeyFactory", "PBEWithHmacSHA224AndAES_128",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_128");
-
- ps("SecretKeyFactory", "PBEWithHmacSHA256AndAES_128",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_128");
-
- ps("SecretKeyFactory", "PBEWithHmacSHA384AndAES_128",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_128");
-
- ps("SecretKeyFactory", "PBEWithHmacSHA512AndAES_128",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_128");
-
- ps("SecretKeyFactory", "PBEWithHmacSHA1AndAES_256",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_256");
-
- ps("SecretKeyFactory", "PBEWithHmacSHA224AndAES_256",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_256");
-
- ps("SecretKeyFactory", "PBEWithHmacSHA256AndAES_256",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_256");
-
- ps("SecretKeyFactory", "PBEWithHmacSHA384AndAES_256",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_256");
-
- ps("SecretKeyFactory", "PBEWithHmacSHA512AndAES_256",
- "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_256");
-
- // PBKDF2
- psA("SecretKeyFactory", "PBKDF2WithHmacSHA1",
- "com.sun.crypto.provider.PBKDF2Core$HmacSHA1",
- null);
- ps("SecretKeyFactory", "PBKDF2WithHmacSHA224",
- "com.sun.crypto.provider.PBKDF2Core$HmacSHA224");
- ps("SecretKeyFactory", "PBKDF2WithHmacSHA256",
- "com.sun.crypto.provider.PBKDF2Core$HmacSHA256");
- ps("SecretKeyFactory", "PBKDF2WithHmacSHA384",
- "com.sun.crypto.provider.PBKDF2Core$HmacSHA384");
- ps("SecretKeyFactory", "PBKDF2WithHmacSHA512",
- "com.sun.crypto.provider.PBKDF2Core$HmacSHA512");
-
- /*
- * MAC
- */
- attrs.clear();
- attrs.put("SupportedKeyFormats", "RAW");
- ps("Mac", "HmacMD5", "com.sun.crypto.provider.HmacMD5", null, attrs);
- psA("Mac", "HmacSHA1", "com.sun.crypto.provider.HmacSHA1",
- attrs);
- psA("Mac", "HmacSHA224",
- "com.sun.crypto.provider.HmacCore$HmacSHA224", attrs);
- psA("Mac", "HmacSHA256",
- "com.sun.crypto.provider.HmacCore$HmacSHA256", attrs);
- psA("Mac", "HmacSHA384",
- "com.sun.crypto.provider.HmacCore$HmacSHA384", attrs);
- psA("Mac", "HmacSHA512",
- "com.sun.crypto.provider.HmacCore$HmacSHA512", attrs);
- psA("Mac", "HmacSHA512/224",
- "com.sun.crypto.provider.HmacCore$HmacSHA512_224", attrs);
- psA("Mac", "HmacSHA512/256",
- "com.sun.crypto.provider.HmacCore$HmacSHA512_256", attrs);
- psA("Mac", "HmacSHA3-224",
- "com.sun.crypto.provider.HmacCore$HmacSHA3_224", attrs);
- psA("Mac", "HmacSHA3-256",
- "com.sun.crypto.provider.HmacCore$HmacSHA3_256", attrs);
- psA("Mac", "HmacSHA3-384",
- "com.sun.crypto.provider.HmacCore$HmacSHA3_384", attrs);
- psA("Mac", "HmacSHA3-512",
- "com.sun.crypto.provider.HmacCore$HmacSHA3_512", attrs);
-
- ps("Mac", "HmacPBESHA1",
- "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA1",
- null, attrs);
- ps("Mac", "HmacPBESHA224",
- "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA224",
- null, attrs);
- ps("Mac", "HmacPBESHA256",
- "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA256",
- null, attrs);
- ps("Mac", "HmacPBESHA384",
- "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA384",
- null, attrs);
- ps("Mac", "HmacPBESHA512",
- "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA512",
- null, attrs);
- ps("Mac", "HmacPBESHA512/224",
- "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA512_224",
- null, attrs);
- ps("Mac", "HmacPBESHA512/256",
- "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA512_256",
- null, attrs);
-
-
- // PBMAC1
- ps("Mac", "PBEWithHmacSHA1",
- "com.sun.crypto.provider.PBMAC1Core$HmacSHA1", null, attrs);
- ps("Mac", "PBEWithHmacSHA224",
- "com.sun.crypto.provider.PBMAC1Core$HmacSHA224", null, attrs);
- ps("Mac", "PBEWithHmacSHA256",
- "com.sun.crypto.provider.PBMAC1Core$HmacSHA256", null, attrs);
- ps("Mac", "PBEWithHmacSHA384",
- "com.sun.crypto.provider.PBMAC1Core$HmacSHA384", null, attrs);
- ps("Mac", "PBEWithHmacSHA512",
- "com.sun.crypto.provider.PBMAC1Core$HmacSHA512", null, attrs);
- ps("Mac", "SslMacMD5",
- "com.sun.crypto.provider.SslMacCore$SslMacMD5", null, attrs);
- ps("Mac", "SslMacSHA1",
- "com.sun.crypto.provider.SslMacCore$SslMacSHA1", null, attrs);
-
- /*
- * KeyStore
- */
- ps("KeyStore", "JCEKS",
- "com.sun.crypto.provider.JceKeyStore");
-
- /*
- * SSL/TLS mechanisms
- *
- * These are strictly internal implementations and may
- * be changed at any time. These names were chosen
- * because PKCS11/SunPKCS11 does not yet have TLS1.2
- * mechanisms, and it will cause calls to come here.
- */
- ps("KeyGenerator", "SunTlsPrf",
- "com.sun.crypto.provider.TlsPrfGenerator$V10");
- ps("KeyGenerator", "SunTls12Prf",
- "com.sun.crypto.provider.TlsPrfGenerator$V12");
-
- ps("KeyGenerator", "SunTlsMasterSecret",
- "com.sun.crypto.provider.TlsMasterSecretGenerator",
- List.of("SunTls12MasterSecret", "SunTlsExtendedMasterSecret"),
- null);
-
- ps("KeyGenerator", "SunTlsKeyMaterial",
- "com.sun.crypto.provider.TlsKeyMaterialGenerator",
- List.of("SunTls12KeyMaterial"), null);
-
- ps("KeyGenerator", "SunTlsRsaPremasterSecret",
- "com.sun.crypto.provider.TlsRsaPremasterSecretGenerator",
- List.of("SunTls12RsaPremasterSecret"), null);
+ if (!systemFipsEnabled) {
+ /*
+ * Key factories
+ */
+ psA("KeyFactory", "DiffieHellman",
+ "com.sun.crypto.provider.DHKeyFactory",
+ null);
+
+ /*
+ * Secret-key factories
+ */
+ ps("SecretKeyFactory", "DES",
+ "com.sun.crypto.provider.DESKeyFactory");
+
+ psA("SecretKeyFactory", "DESede",
+ "com.sun.crypto.provider.DESedeKeyFactory", null);
+
+ psA("SecretKeyFactory", "PBEWithMD5AndDES",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES",
+ null);
+
+ /*
+ * Internal in-house crypto algorithm used for
+ * the JCEKS keystore type. Since this was developed
+ * internally, there isn't an OID corresponding to this
+ * algorithm.
+ */
+ ps("SecretKeyFactory", "PBEWithMD5AndTripleDES",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndTripleDES");
+
+ psA("SecretKeyFactory", "PBEWithSHA1AndDESede",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede",
+ null);
+
+ psA("SecretKeyFactory", "PBEWithSHA1AndRC2_40",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40",
+ null);
+
+ psA("SecretKeyFactory", "PBEWithSHA1AndRC2_128",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_128",
+ null);
+
+ psA("SecretKeyFactory", "PBEWithSHA1AndRC4_40",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_40",
+ null);
+
+ psA("SecretKeyFactory", "PBEWithSHA1AndRC4_128",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC4_128",
+ null);
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA1AndAES_128",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_128");
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA224AndAES_128",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_128");
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA256AndAES_128",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_128");
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA384AndAES_128",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_128");
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA512AndAES_128",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_128");
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA1AndAES_256",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA1AndAES_256");
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA224AndAES_256",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA224AndAES_256");
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA256AndAES_256",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA256AndAES_256");
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA384AndAES_256",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA384AndAES_256");
+
+ ps("SecretKeyFactory", "PBEWithHmacSHA512AndAES_256",
+ "com.sun.crypto.provider.PBEKeyFactory$PBEWithHmacSHA512AndAES_256");
+
+ // PBKDF2
+ psA("SecretKeyFactory", "PBKDF2WithHmacSHA1",
+ "com.sun.crypto.provider.PBKDF2Core$HmacSHA1",
+ null);
+ ps("SecretKeyFactory", "PBKDF2WithHmacSHA224",
+ "com.sun.crypto.provider.PBKDF2Core$HmacSHA224");
+ ps("SecretKeyFactory", "PBKDF2WithHmacSHA256",
+ "com.sun.crypto.provider.PBKDF2Core$HmacSHA256");
+ ps("SecretKeyFactory", "PBKDF2WithHmacSHA384",
+ "com.sun.crypto.provider.PBKDF2Core$HmacSHA384");
+ ps("SecretKeyFactory", "PBKDF2WithHmacSHA512",
+ "com.sun.crypto.provider.PBKDF2Core$HmacSHA512");
+
+ /*
+ * MAC
+ */
+ attrs.clear();
+ attrs.put("SupportedKeyFormats", "RAW");
+ ps("Mac", "HmacMD5", "com.sun.crypto.provider.HmacMD5", null, attrs);
+ psA("Mac", "HmacSHA1", "com.sun.crypto.provider.HmacSHA1",
+ attrs);
+ psA("Mac", "HmacSHA224",
+ "com.sun.crypto.provider.HmacCore$HmacSHA224", attrs);
+ psA("Mac", "HmacSHA256",
+ "com.sun.crypto.provider.HmacCore$HmacSHA256", attrs);
+ psA("Mac", "HmacSHA384",
+ "com.sun.crypto.provider.HmacCore$HmacSHA384", attrs);
+ psA("Mac", "HmacSHA512",
+ "com.sun.crypto.provider.HmacCore$HmacSHA512", attrs);
+ psA("Mac", "HmacSHA512/224",
+ "com.sun.crypto.provider.HmacCore$HmacSHA512_224", attrs);
+ psA("Mac", "HmacSHA512/256",
+ "com.sun.crypto.provider.HmacCore$HmacSHA512_256", attrs);
+ psA("Mac", "HmacSHA3-224",
+ "com.sun.crypto.provider.HmacCore$HmacSHA3_224", attrs);
+ psA("Mac", "HmacSHA3-256",
+ "com.sun.crypto.provider.HmacCore$HmacSHA3_256", attrs);
+ psA("Mac", "HmacSHA3-384",
+ "com.sun.crypto.provider.HmacCore$HmacSHA3_384", attrs);
+ psA("Mac", "HmacSHA3-512",
+ "com.sun.crypto.provider.HmacCore$HmacSHA3_512", attrs);
+
+ ps("Mac", "HmacPBESHA1",
+ "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA1",
+ null, attrs);
+ ps("Mac", "HmacPBESHA224",
+ "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA224",
+ null, attrs);
+ ps("Mac", "HmacPBESHA256",
+ "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA256",
+ null, attrs);
+ ps("Mac", "HmacPBESHA384",
+ "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA384",
+ null, attrs);
+ ps("Mac", "HmacPBESHA512",
+ "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA512",
+ null, attrs);
+ ps("Mac", "HmacPBESHA512/224",
+ "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA512_224",
+ null, attrs);
+ ps("Mac", "HmacPBESHA512/256",
+ "com.sun.crypto.provider.HmacPKCS12PBECore$HmacPKCS12PBE_SHA512_256",
+ null, attrs);
+
+
+ // PBMAC1
+ ps("Mac", "PBEWithHmacSHA1",
+ "com.sun.crypto.provider.PBMAC1Core$HmacSHA1", null, attrs);
+ ps("Mac", "PBEWithHmacSHA224",
+ "com.sun.crypto.provider.PBMAC1Core$HmacSHA224", null, attrs);
+ ps("Mac", "PBEWithHmacSHA256",
+ "com.sun.crypto.provider.PBMAC1Core$HmacSHA256", null, attrs);
+ ps("Mac", "PBEWithHmacSHA384",
+ "com.sun.crypto.provider.PBMAC1Core$HmacSHA384", null, attrs);
+ ps("Mac", "PBEWithHmacSHA512",
+ "com.sun.crypto.provider.PBMAC1Core$HmacSHA512", null, attrs);
+ ps("Mac", "SslMacMD5",
+ "com.sun.crypto.provider.SslMacCore$SslMacMD5", null, attrs);
+ ps("Mac", "SslMacSHA1",
+ "com.sun.crypto.provider.SslMacCore$SslMacSHA1", null, attrs);
+
+ /*
+ * KeyStore
+ */
+ ps("KeyStore", "JCEKS",
+ "com.sun.crypto.provider.JceKeyStore");
+
+ /*
+ * SSL/TLS mechanisms
+ *
+ * These are strictly internal implementations and may
+ * be changed at any time. These names were chosen
+ * because PKCS11/SunPKCS11 does not yet have TLS1.2
+ * mechanisms, and it will cause calls to come here.
+ */
+ ps("KeyGenerator", "SunTlsPrf",
+ "com.sun.crypto.provider.TlsPrfGenerator$V10");
+ ps("KeyGenerator", "SunTls12Prf",
+ "com.sun.crypto.provider.TlsPrfGenerator$V12");
+
+ ps("KeyGenerator", "SunTlsMasterSecret",
+ "com.sun.crypto.provider.TlsMasterSecretGenerator",
+ List.of("SunTls12MasterSecret", "SunTlsExtendedMasterSecret"),
+ null);
+
+ ps("KeyGenerator", "SunTlsKeyMaterial",
+ "com.sun.crypto.provider.TlsKeyMaterialGenerator",
+ List.of("SunTls12KeyMaterial"), null);
+
+ ps("KeyGenerator", "SunTlsRsaPremasterSecret",
+ "com.sun.crypto.provider.TlsRsaPremasterSecretGenerator",
+ List.of("SunTls12RsaPremasterSecret"), null);
+ }
}
// Return the instance of this class or create one if needed.
diff --git a/src/java.base/share/classes/java/security/Security.java b/src/java.base/share/classes/java/security/Security.java
index ff2bc942c03..96a3ba4040c 100644
--- a/src/java.base/share/classes/java/security/Security.java
+++ b/src/java.base/share/classes/java/security/Security.java
@@ -32,6 +32,7 @@ import java.net.URL;
import jdk.internal.event.EventHelper;
import jdk.internal.event.SecurityPropertyModificationEvent;
+import jdk.internal.access.JavaSecuritySystemConfiguratorAccess;
import jdk.internal.access.SharedSecrets;
import jdk.internal.util.StaticProperty;
import sun.security.util.Debug;
@@ -47,12 +48,20 @@ import sun.security.jca.*;
* implementation-specific location, which is typically the properties file
* {@code conf/security/java.security} in the Java installation directory.
*
+ * <p>Additional default values of security properties are read from a
+ * system-specific location, if available.</p>
+ *
* @author Benjamin Renaud
* @since 1.1
*/
public final class Security {
+ private static final String SYS_PROP_SWITCH =
+ "java.security.disableSystemPropertiesFile";
+ private static final String SEC_PROP_SWITCH =
+ "security.useSystemPropertiesFile";
+
/* Are we debugging? -- for developers */
private static final Debug sdebug =
Debug.getInstance("properties");
@@ -67,6 +76,19 @@ public final class Security {
}
static {
+ // Initialise here as used by code with system properties disabled
+ SharedSecrets.setJavaSecuritySystemConfiguratorAccess(
+ new JavaSecuritySystemConfiguratorAccess() {
+ @Override
+ public boolean isSystemFipsEnabled() {
+ return SystemConfigurator.isSystemFipsEnabled();
+ }
+ @Override
+ public boolean isPlainKeySupportEnabled() {
+ return SystemConfigurator.isPlainKeySupportEnabled();
+ }
+ });
+
// doPrivileged here because there are multiple
// things in initialize that might require privs.
// (the FileInputStream call and the File.exists call,
@@ -84,6 +106,7 @@ public final class Security {
props = new Properties();
boolean loadedProps = false;
boolean overrideAll = false;
+ boolean systemSecPropsEnabled = false;
// first load the system properties file
// to determine the value of security.overridePropertiesFile
@@ -99,6 +122,7 @@ public final class Security {
if (sdebug != null) {
sdebug.println("reading security properties file: " +
propFile);
+ sdebug.println(props.toString());
}
} catch (IOException e) {
if (sdebug != null) {
@@ -193,6 +217,61 @@ public final class Security {
}
}
+ boolean sysUseProps = Boolean.valueOf(System.getProperty(SYS_PROP_SWITCH, "false"));
+ boolean secUseProps = Boolean.valueOf(props.getProperty(SEC_PROP_SWITCH));
+ if (sdebug != null) {
+ sdebug.println(SYS_PROP_SWITCH + "=" + sysUseProps);
+ sdebug.println(SEC_PROP_SWITCH + "=" + secUseProps);
+ }
+ if (!sysUseProps && secUseProps) {
+ systemSecPropsEnabled = SystemConfigurator.configureSysProps(props);
+ if (!systemSecPropsEnabled) {
+ if (sdebug != null) {
+ sdebug.println("WARNING: System security properties could not be loaded.");
+ }
+ }
+ } else {
+ if (sdebug != null) {
+ sdebug.println("System security property support disabled by user.");
+ }
+ }
+
+ // FIPS support depends on the contents of java.security so
+ // ensure it has loaded first
+ if (loadedProps && systemSecPropsEnabled) {
+ boolean shouldEnable;
+ String sysProp = System.getProperty("com.redhat.fips");
+ if (sysProp == null) {
+ shouldEnable = true;
+ if (sdebug != null) {
+ sdebug.println("com.redhat.fips unset, using default value of true");
+ }
+ } else {
+ shouldEnable = Boolean.valueOf(sysProp);
+ if (sdebug != null) {
+ sdebug.println("com.redhat.fips set, using its value " + shouldEnable);
+ }
+ }
+ if (shouldEnable) {
+ boolean fipsEnabled = SystemConfigurator.configureFIPS(props);
+ if (sdebug != null) {
+ if (fipsEnabled) {
+ sdebug.println("FIPS mode support configured and enabled.");
+ } else {
+ sdebug.println("FIPS mode support disabled.");
+ }
+ }
+ } else {
+ if (sdebug != null ) {
+ sdebug.println("FIPS mode support disabled by user.");
+ }
+ }
+ } else {
+ if (sdebug != null) {
+ sdebug.println("WARNING: FIPS mode support can not be enabled without " +
+ "system security properties being enabled.");
+ }
+ }
}
/*
diff --git a/src/java.base/share/classes/java/security/SystemConfigurator.java b/src/java.base/share/classes/java/security/SystemConfigurator.java
new file mode 100644
index 00000000000..98ffced455b
--- /dev/null
+++ b/src/java.base/share/classes/java/security/SystemConfigurator.java
@@ -0,0 +1,249 @@
+/*
+ * Copyright (c) 2019, 2021, Red Hat, Inc.
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package java.security;
+
+import java.io.BufferedInputStream;
+import java.io.FileInputStream;
+import java.io.IOException;
+
+import java.util.Iterator;
+import java.util.Map.Entry;
+import java.util.Properties;
+
+import sun.security.util.Debug;
+
+/**
+ * Internal class to align OpenJDK with global crypto-policies.
+ * Called from java.security.Security class initialization,
+ * during startup.
+ *
+ */
+
+final class SystemConfigurator {
+
+ private static final Debug sdebug =
+ Debug.getInstance("properties");
+
+ private static final String CRYPTO_POLICIES_BASE_DIR =
+ "/etc/crypto-policies";
+
+ private static final String CRYPTO_POLICIES_JAVA_CONFIG =
+ CRYPTO_POLICIES_BASE_DIR + "/back-ends/java.config";
+
+ private static boolean systemFipsEnabled = false;
+ private static boolean plainKeySupportEnabled = false;
+
+ private static final String SYSTEMCONF_NATIVE_LIB = "systemconf";
+
+ private static native boolean getSystemFIPSEnabled()
+ throws IOException;
+
+ static {
+ @SuppressWarnings("removal")
+ var dummy = AccessController.doPrivileged(new PrivilegedAction<Void>() {
+ public Void run() {
+ System.loadLibrary(SYSTEMCONF_NATIVE_LIB);
+ return null;
+ }
+ });
+ }
+
+ /*
+ * Invoked when java.security.Security class is initialized, if
+ * java.security.disableSystemPropertiesFile property is not set and
+ * security.useSystemPropertiesFile is true.
+ */
+ static boolean configureSysProps(Properties props) {
+ boolean systemSecPropsLoaded = false;
+
+ try (BufferedInputStream bis =
+ new BufferedInputStream(
+ new FileInputStream(CRYPTO_POLICIES_JAVA_CONFIG))) {
+ props.load(bis);
+ systemSecPropsLoaded = true;
+ if (sdebug != null) {
+ sdebug.println("reading system security properties file " +
+ CRYPTO_POLICIES_JAVA_CONFIG);
+ sdebug.println(props.toString());
+ }
+ } catch (IOException e) {
+ if (sdebug != null) {
+ sdebug.println("unable to load security properties from " +
+ CRYPTO_POLICIES_JAVA_CONFIG);
+ e.printStackTrace();
+ }
+ }
+ return systemSecPropsLoaded;
+ }
+
+ /*
+ * Invoked at the end of java.security.Security initialisation
+ * if java.security properties have been loaded
+ */
+ static boolean configureFIPS(Properties props) {
+ boolean loadedProps = false;
+
+ try {
+ if (enableFips()) {
+ if (sdebug != null) { sdebug.println("FIPS mode detected"); }
+ // Remove all security providers
+ Iterator<Entry<Object, Object>> i = props.entrySet().iterator();
+ while (i.hasNext()) {
+ Entry<Object, Object> e = i.next();
+ if (((String) e.getKey()).startsWith("security.provider")) {
+ if (sdebug != null) { sdebug.println("Removing provider: " + e); }
+ i.remove();
+ }
+ }
+ // Add FIPS security providers
+ String fipsProviderValue = null;
+ for (int n = 1;
+ (fipsProviderValue = (String) props.get("fips.provider." + n)) != null; n++) {
+ String fipsProviderKey = "security.provider." + n;
+ if (sdebug != null) {
+ sdebug.println("Adding provider " + n + ": " +
+ fipsProviderKey + "=" + fipsProviderValue);
+ }
+ props.put(fipsProviderKey, fipsProviderValue);
+ }
+ // Add other security properties
+ String keystoreTypeValue = (String) props.get("fips.keystore.type");
+ if (keystoreTypeValue != null) {
+ String nonFipsKeystoreType = props.getProperty("keystore.type");
+ props.put("keystore.type", keystoreTypeValue);
+ if (keystoreTypeValue.equals("PKCS11")) {
+ // If keystore.type is PKCS11, javax.net.ssl.keyStore
+ // must be "NONE". See JDK-8238264.
+ System.setProperty("javax.net.ssl.keyStore", "NONE");
+ }
+ if (System.getProperty("javax.net.ssl.trustStoreType") == null) {
+ // If no trustStoreType has been set, use the
+ // previous keystore.type under FIPS mode. In
+ // a default configuration, the Trust Store will
+ // be 'cacerts' (JKS type).
+ System.setProperty("javax.net.ssl.trustStoreType",
+ nonFipsKeystoreType);
+ }
+ if (sdebug != null) {
+ sdebug.println("FIPS mode default keystore.type = " +
+ keystoreTypeValue);
+ sdebug.println("FIPS mode javax.net.ssl.keyStore = " +
+ System.getProperty("javax.net.ssl.keyStore", ""));
+ sdebug.println("FIPS mode javax.net.ssl.trustStoreType = " +
+ System.getProperty("javax.net.ssl.trustStoreType", ""));
+ }
+ }
+ loadedProps = true;
+ systemFipsEnabled = true;
+ String plainKeySupport = System.getProperty("com.redhat.fips.plainKeySupport",
+ "true");
+ plainKeySupportEnabled = !"false".equals(plainKeySupport);
+ if (sdebug != null) {
+ if (plainKeySupportEnabled) {
+ sdebug.println("FIPS support enabled with plain key support");
+ } else {
+ sdebug.println("FIPS support enabled without plain key support");
+ }
+ }
+ } else {
+ if (sdebug != null) { sdebug.println("FIPS mode not detected"); }
+ }
+ } catch (Exception e) {
+ if (sdebug != null) {
+ sdebug.println("unable to load FIPS configuration");
+ e.printStackTrace();
+ }
+ }
+ return loadedProps;
+ }
+
+ /**
+ * Returns whether or not global system FIPS alignment is enabled.
+ *
+ * Value is always 'false' before java.security.Security class is
+ * initialized.
+ *
+ * Call from out of this package through SharedSecrets:
+ * SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ * .isSystemFipsEnabled();
+ *
+ * @return a boolean value indicating whether or not global
+ * system FIPS alignment is enabled.
+ */
+ static boolean isSystemFipsEnabled() {
+ return systemFipsEnabled;
+ }
+
+ /**
+ * Returns {@code true} if system FIPS alignment is enabled
+ * and plain key support is allowed. Plain key support is
+ * enabled by default but can be disabled with
+ * {@code -Dcom.redhat.fips.plainKeySupport=false}.
+ *
+ * @return a boolean indicating whether plain key support
+ * should be enabled.
+ */
+ static boolean isPlainKeySupportEnabled() {
+ return plainKeySupportEnabled;
+ }
+
+ /**
+ * Determines whether FIPS mode should be enabled.
+ *
+ * OpenJDK FIPS mode will be enabled only if the system is in
+ * FIPS mode.
+ *
+ * Calls to this method only occur if the system property
+ * com.redhat.fips is not set to false.
+ *
+ * There are 2 possible ways in which OpenJDK detects that the system
+ * is in FIPS mode: 1) if the NSS SECMOD_GetSystemFIPSEnabled API is
+ * available at OpenJDK's built-time, it is called; 2) otherwise, the
+ * /proc/sys/crypto/fips_enabled file is read.
+ *
+ * @return true if the system is in FIPS mode
+ */
+ private static boolean enableFips() throws Exception {
+ if (sdebug != null) {
+ sdebug.println("Calling getSystemFIPSEnabled (libsystemconf)...");
+ }
+ try {
+ boolean fipsEnabled = getSystemFIPSEnabled();
+ if (sdebug != null) {
+ sdebug.println("Call to getSystemFIPSEnabled (libsystemconf) returned: "
+ + fipsEnabled);
+ }
+ return fipsEnabled;
+ } catch (IOException e) {
+ if (sdebug != null) {
+ sdebug.println("Call to getSystemFIPSEnabled (libsystemconf) failed:");
+ sdebug.println(e.getMessage());
+ }
+ throw e;
+ }
+ }
+}
diff --git a/src/java.base/share/classes/jdk/internal/access/JavaSecuritySystemConfiguratorAccess.java b/src/java.base/share/classes/jdk/internal/access/JavaSecuritySystemConfiguratorAccess.java
new file mode 100644
index 00000000000..3f3caac64dc
--- /dev/null
+++ b/src/java.base/share/classes/jdk/internal/access/JavaSecuritySystemConfiguratorAccess.java
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2020, Red Hat, Inc.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package jdk.internal.access;
+
+public interface JavaSecuritySystemConfiguratorAccess {
+ boolean isSystemFipsEnabled();
+ boolean isPlainKeySupportEnabled();
+}
diff --git a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
index f6d3638c3dd..a1ee182d913 100644
--- a/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
+++ b/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java
@@ -39,6 +39,7 @@ import java.io.FilePermission;
import java.io.ObjectInputStream;
import java.io.RandomAccessFile;
import java.security.ProtectionDomain;
+import java.security.Security;
import java.security.Signature;
/** A repository of "shared secrets", which are a mechanism for
@@ -81,6 +82,7 @@ public class SharedSecrets {
private static JavaSecuritySpecAccess javaSecuritySpecAccess;
private static JavaxCryptoSealedObjectAccess javaxCryptoSealedObjectAccess;
private static JavaxCryptoSpecAccess javaxCryptoSpecAccess;
+ private static JavaSecuritySystemConfiguratorAccess javaSecuritySystemConfiguratorAccess;
public static void setJavaUtilCollectionAccess(JavaUtilCollectionAccess juca) {
javaUtilCollectionAccess = juca;
@@ -442,4 +444,15 @@ public class SharedSecrets {
MethodHandles.lookup().ensureInitialized(c);
} catch (IllegalAccessException e) {}
}
+
+ public static void setJavaSecuritySystemConfiguratorAccess(JavaSecuritySystemConfiguratorAccess jssca) {
+ javaSecuritySystemConfiguratorAccess = jssca;
+ }
+
+ public static JavaSecuritySystemConfiguratorAccess getJavaSecuritySystemConfiguratorAccess() {
+ if (javaSecuritySystemConfiguratorAccess == null) {
+ ensureClassInitialized(Security.class);
+ }
+ return javaSecuritySystemConfiguratorAccess;
+ }
}
diff --git a/src/java.base/share/classes/module-info.java b/src/java.base/share/classes/module-info.java
index 63bb580eb3a..dbbf11bbb22 100644
--- a/src/java.base/share/classes/module-info.java
+++ b/src/java.base/share/classes/module-info.java
@@ -152,6 +152,8 @@ module java.base {
java.naming,
java.rmi,
jdk.charsets,
+ jdk.crypto.cryptoki,
+ jdk.crypto.ec,
jdk.jartool,
jdk.jlink,
jdk.net,
diff --git a/src/java.base/share/classes/sun/security/provider/SunEntries.java b/src/java.base/share/classes/sun/security/provider/SunEntries.java
index 912cad59714..709d32912ca 100644
--- a/src/java.base/share/classes/sun/security/provider/SunEntries.java
+++ b/src/java.base/share/classes/sun/security/provider/SunEntries.java
@@ -30,6 +30,7 @@ import java.net.*;
import java.util.*;
import java.security.*;
+import jdk.internal.access.SharedSecrets;
import jdk.internal.util.StaticProperty;
import sun.security.action.GetPropertyAction;
import sun.security.util.SecurityProviderConstants;
@@ -83,6 +84,10 @@ import static sun.security.util.SecurityProviderConstants.getAliases;
public final class SunEntries {
+ private static final boolean systemFipsEnabled =
+ SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled();
+
// the default algo used by SecureRandom class for new SecureRandom() calls
public static final String DEF_SECURE_RANDOM_ALGO;
@@ -94,99 +99,101 @@ public final class SunEntries {
// common attribute map
HashMap<String, String> attrs = new HashMap<>(3);
- /*
- * SecureRandom engines
- */
- attrs.put("ThreadSafe", "true");
- if (NativePRNG.isAvailable()) {
- add(p, "SecureRandom", "NativePRNG",
- "sun.security.provider.NativePRNG", attrs);
- }
- if (NativePRNG.Blocking.isAvailable()) {
- add(p, "SecureRandom", "NativePRNGBlocking",
- "sun.security.provider.NativePRNG$Blocking", attrs);
- }
- if (NativePRNG.NonBlocking.isAvailable()) {
- add(p, "SecureRandom", "NativePRNGNonBlocking",
- "sun.security.provider.NativePRNG$NonBlocking", attrs);
- }
- attrs.put("ImplementedIn", "Software");
- add(p, "SecureRandom", "DRBG", "sun.security.provider.DRBG", attrs);
- add(p, "SecureRandom", "SHA1PRNG",
- "sun.security.provider.SecureRandom", attrs);
-
- /*
- * Signature engines
- */
- attrs.clear();
- String dsaKeyClasses = "java.security.interfaces.DSAPublicKey" +
- "|java.security.interfaces.DSAPrivateKey";
- attrs.put("SupportedKeyClasses", dsaKeyClasses);
- attrs.put("ImplementedIn", "Software");
-
- attrs.put("KeySize", "1024"); // for NONE and SHA1 DSA signatures
-
- addWithAlias(p, "Signature", "SHA1withDSA",
- "sun.security.provider.DSA$SHA1withDSA", attrs);
- addWithAlias(p, "Signature", "NONEwithDSA",
- "sun.security.provider.DSA$RawDSA", attrs);
-
- // for DSA signatures with 224/256-bit digests
- attrs.put("KeySize", "2048");
-
- addWithAlias(p, "Signature", "SHA224withDSA",
- "sun.security.provider.DSA$SHA224withDSA", attrs);
- addWithAlias(p, "Signature", "SHA256withDSA",
- "sun.security.provider.DSA$SHA256withDSA", attrs);
-
- addWithAlias(p, "Signature", "SHA3-224withDSA",
- "sun.security.provider.DSA$SHA3_224withDSA", attrs);
- addWithAlias(p, "Signature", "SHA3-256withDSA",
- "sun.security.provider.DSA$SHA3_256withDSA", attrs);
-
- attrs.put("KeySize", "3072"); // for DSA sig using 384/512-bit digests
-
- addWithAlias(p, "Signature", "SHA384withDSA",
- "sun.security.provider.DSA$SHA384withDSA", attrs);
- addWithAlias(p, "Signature", "SHA512withDSA",
- "sun.security.provider.DSA$SHA512withDSA", attrs);
- addWithAlias(p, "Signature", "SHA3-384withDSA",
- "sun.security.provider.DSA$SHA3_384withDSA", attrs);
- addWithAlias(p, "Signature", "SHA3-512withDSA",
- "sun.security.provider.DSA$SHA3_512withDSA", attrs);
-
- attrs.remove("KeySize");
+ if (!systemFipsEnabled) {
+ /*
+ * SecureRandom engines
+ */
+ attrs.put("ThreadSafe", "true");
+ if (NativePRNG.isAvailable()) {
+ add(p, "SecureRandom", "NativePRNG",
+ "sun.security.provider.NativePRNG", attrs);
+ }
+ if (NativePRNG.Blocking.isAvailable()) {
+ add(p, "SecureRandom", "NativePRNGBlocking",
+ "sun.security.provider.NativePRNG$Blocking", attrs);
+ }
+ if (NativePRNG.NonBlocking.isAvailable()) {
+ add(p, "SecureRandom", "NativePRNGNonBlocking",
+ "sun.security.provider.NativePRNG$NonBlocking", attrs);
+ }
+ attrs.put("ImplementedIn", "Software");
+ add(p, "SecureRandom", "DRBG", "sun.security.provider.DRBG", attrs);
+ add(p, "SecureRandom", "SHA1PRNG",
+ "sun.security.provider.SecureRandom", attrs);
- add(p, "Signature", "SHA1withDSAinP1363Format",
- "sun.security.provider.DSA$SHA1withDSAinP1363Format");
- add(p, "Signature", "NONEwithDSAinP1363Format",
- "sun.security.provider.DSA$RawDSAinP1363Format");
- add(p, "Signature", "SHA224withDSAinP1363Format",
- "sun.security.provider.DSA$SHA224withDSAinP1363Format");
- add(p, "Signature", "SHA256withDSAinP1363Format",
- "sun.security.provider.DSA$SHA256withDSAinP1363Format");
- add(p, "Signature", "SHA384withDSAinP1363Format",
- "sun.security.provider.DSA$SHA384withDSAinP1363Format");
- add(p, "Signature", "SHA512withDSAinP1363Format",
- "sun.security.provider.DSA$SHA512withDSAinP1363Format");
- add(p, "Signature", "SHA3-224withDSAinP1363Format",
- "sun.security.provider.DSA$SHA3_224withDSAinP1363Format");
- add(p, "Signature", "SHA3-256withDSAinP1363Format",
- "sun.security.provider.DSA$SHA3_256withDSAinP1363Format");
- add(p, "Signature", "SHA3-384withDSAinP1363Format",
- "sun.security.provider.DSA$SHA3_384withDSAinP1363Format");
- add(p, "Signature", "SHA3-512withDSAinP1363Format",
- "sun.security.provider.DSA$SHA3_512withDSAinP1363Format");
- /*
- * Key Pair Generator engines
- */
- attrs.clear();
- attrs.put("ImplementedIn", "Software");
- attrs.put("KeySize", "2048"); // for DSA KPG and APG only
+ /*
+ * Signature engines
+ */
+ attrs.clear();
+ String dsaKeyClasses = "java.security.interfaces.DSAPublicKey" +
+ "|java.security.interfaces.DSAPrivateKey";
+ attrs.put("SupportedKeyClasses", dsaKeyClasses);
+ attrs.put("ImplementedIn", "Software");
+
+ attrs.put("KeySize", "1024"); // for NONE and SHA1 DSA signatures
+
+ addWithAlias(p, "Signature", "SHA1withDSA",
+ "sun.security.provider.DSA$SHA1withDSA", attrs);
+ addWithAlias(p, "Signature", "NONEwithDSA",
+ "sun.security.provider.DSA$RawDSA", attrs);
+
+ // for DSA signatures with 224/256-bit digests
+ attrs.put("KeySize", "2048");
+
+ addWithAlias(p, "Signature", "SHA224withDSA",
+ "sun.security.provider.DSA$SHA224withDSA", attrs);
+ addWithAlias(p, "Signature", "SHA256withDSA",
+ "sun.security.provider.DSA$SHA256withDSA", attrs);
+
+ addWithAlias(p, "Signature", "SHA3-224withDSA",
+ "sun.security.provider.DSA$SHA3_224withDSA", attrs);
+ addWithAlias(p, "Signature", "SHA3-256withDSA",
+ "sun.security.provider.DSA$SHA3_256withDSA", attrs);
+
+ attrs.put("KeySize", "3072"); // for DSA sig using 384/512-bit digests
+
+ addWithAlias(p, "Signature", "SHA384withDSA",
+ "sun.security.provider.DSA$SHA384withDSA", attrs);
+ addWithAlias(p, "Signature", "SHA512withDSA",
+ "sun.security.provider.DSA$SHA512withDSA", attrs);
+ addWithAlias(p, "Signature", "SHA3-384withDSA",
+ "sun.security.provider.DSA$SHA3_384withDSA", attrs);
+ addWithAlias(p, "Signature", "SHA3-512withDSA",
+ "sun.security.provider.DSA$SHA3_512withDSA", attrs);
+
+ attrs.remove("KeySize");
+
+ add(p, "Signature", "SHA1withDSAinP1363Format",
+ "sun.security.provider.DSA$SHA1withDSAinP1363Format");
+ add(p, "Signature", "NONEwithDSAinP1363Format",
+ "sun.security.provider.DSA$RawDSAinP1363Format");
+ add(p, "Signature", "SHA224withDSAinP1363Format",
+ "sun.security.provider.DSA$SHA224withDSAinP1363Format");
+ add(p, "Signature", "SHA256withDSAinP1363Format",
+ "sun.security.provider.DSA$SHA256withDSAinP1363Format");
+ add(p, "Signature", "SHA384withDSAinP1363Format",
+ "sun.security.provider.DSA$SHA384withDSAinP1363Format");
+ add(p, "Signature", "SHA512withDSAinP1363Format",
+ "sun.security.provider.DSA$SHA512withDSAinP1363Format");
+ add(p, "Signature", "SHA3-224withDSAinP1363Format",
+ "sun.security.provider.DSA$SHA3_224withDSAinP1363Format");
+ add(p, "Signature", "SHA3-256withDSAinP1363Format",
+ "sun.security.provider.DSA$SHA3_256withDSAinP1363Format");
+ add(p, "Signature", "SHA3-384withDSAinP1363Format",
+ "sun.security.provider.DSA$SHA3_384withDSAinP1363Format");
+ add(p, "Signature", "SHA3-512withDSAinP1363Format",
+ "sun.security.provider.DSA$SHA3_512withDSAinP1363Format");
+ /*
+ * Key Pair Generator engines
+ */
+ attrs.clear();
+ attrs.put("ImplementedIn", "Software");
+ attrs.put("KeySize", "2048"); // for DSA KPG and APG only
- String dsaKPGImplClass = "sun.security.provider.DSAKeyPairGenerator$";
- dsaKPGImplClass += (useLegacyDSA? "Legacy" : "Current");
- addWithAlias(p, "KeyPairGenerator", "DSA", dsaKPGImplClass, attrs);
+ String dsaKPGImplClass = "sun.security.provider.DSAKeyPairGenerator$";
+ dsaKPGImplClass += (useLegacyDSA? "Legacy" : "Current");
+ addWithAlias(p, "KeyPairGenerator", "DSA", dsaKPGImplClass, attrs);
+ }
/*
* Algorithm Parameter Generator engines
@@ -201,40 +208,42 @@ public final class SunEntries {
addWithAlias(p, "AlgorithmParameters", "DSA",
"sun.security.provider.DSAParameters", attrs);
- /*
- * Key factories
- */
- addWithAlias(p, "KeyFactory", "DSA",
- "sun.security.provider.DSAKeyFactory", attrs);
-
- /*
- * Digest engines
- */
- add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", attrs);
- add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", attrs);
- addWithAlias(p, "MessageDigest", "SHA-1", "sun.security.provider.SHA",
- attrs);
+ if (!systemFipsEnabled) {
+ /*
+ * Key factories
+ */
+ addWithAlias(p, "KeyFactory", "DSA",
+ "sun.security.provider.DSAKeyFactory", attrs);
- addWithAlias(p, "MessageDigest", "SHA-224",
- "sun.security.provider.SHA2$SHA224", attrs);
- addWithAlias(p, "MessageDigest", "SHA-256",
- "sun.security.provider.SHA2$SHA256", attrs);
- addWithAlias(p, "MessageDigest", "SHA-384",
- "sun.security.provider.SHA5$SHA384", attrs);
- addWithAlias(p, "MessageDigest", "SHA-512",
- "sun.security.provider.SHA5$SHA512", attrs);
- addWithAlias(p, "MessageDigest", "SHA-512/224",
- "sun.security.provider.SHA5$SHA512_224", attrs);
- addWithAlias(p, "MessageDigest", "SHA-512/256",
- "sun.security.provider.SHA5$SHA512_256", attrs);
- addWithAlias(p, "MessageDigest", "SHA3-224",
- "sun.security.provider.SHA3$SHA224", attrs);
- addWithAlias(p, "MessageDigest", "SHA3-256",
- "sun.security.provider.SHA3$SHA256", attrs);
- addWithAlias(p, "MessageDigest", "SHA3-384",
- "sun.security.provider.SHA3$SHA384", attrs);
- addWithAlias(p, "MessageDigest", "SHA3-512",
- "sun.security.provider.SHA3$SHA512", attrs);
+ /*
+ * Digest engines
+ */
+ add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", attrs);
+ add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", attrs);
+ addWithAlias(p, "MessageDigest", "SHA-1", "sun.security.provider.SHA",
+ attrs);
+
+ addWithAlias(p, "MessageDigest", "SHA-224",
+ "sun.security.provider.SHA2$SHA224", attrs);
+ addWithAlias(p, "MessageDigest", "SHA-256",
+ "sun.security.provider.SHA2$SHA256", attrs);
+ addWithAlias(p, "MessageDigest", "SHA-384",
+ "sun.security.provider.SHA5$SHA384", attrs);
+ addWithAlias(p, "MessageDigest", "SHA-512",
+ "sun.security.provider.SHA5$SHA512", attrs);
+ addWithAlias(p, "MessageDigest", "SHA-512/224",
+ "sun.security.provider.SHA5$SHA512_224", attrs);
+ addWithAlias(p, "MessageDigest", "SHA-512/256",
+ "sun.security.provider.SHA5$SHA512_256", attrs);
+ addWithAlias(p, "MessageDigest", "SHA3-224",
+ "sun.security.provider.SHA3$SHA224", attrs);
+ addWithAlias(p, "MessageDigest", "SHA3-256",
+ "sun.security.provider.SHA3$SHA256", attrs);
+ addWithAlias(p, "MessageDigest", "SHA3-384",
+ "sun.security.provider.SHA3$SHA384", attrs);
+ addWithAlias(p, "MessageDigest", "SHA3-512",
+ "sun.security.provider.SHA3$SHA512", attrs);
+ }
/*
* Certificates
diff --git a/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java b/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java
index ca79f25cc44..225517ac69b 100644
--- a/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java
+++ b/src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java
@@ -27,6 +27,7 @@ package sun.security.rsa;
import java.util.*;
import java.security.Provider;
+import jdk.internal.access.SharedSecrets;
import static sun.security.util.SecurityProviderConstants.getAliases;
/**
@@ -36,6 +37,10 @@ import static sun.security.util.SecurityProviderConstants.getAliases;
*/
public final class SunRsaSignEntries {
+ private static final boolean systemFipsEnabled =
+ SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled();
+
private void add(Provider p, String type, String algo, String cn,
List<String> aliases, HashMap<String, String> attrs) {
services.add(new Provider.Service(p, type, algo, cn,
@@ -56,49 +61,58 @@ public final class SunRsaSignEntries {
// start populating content using the specified provider
// common attribute map
HashMap<String, String> attrs = new HashMap<>(3);
- attrs.put("SupportedKeyClasses",
- "java.security.interfaces.RSAPublicKey" +
- "|java.security.interfaces.RSAPrivateKey");
+ if (!systemFipsEnabled) {
+ attrs.put("SupportedKeyClasses",
+ "java.security.interfaces.RSAPublicKey" +
+ "|java.security.interfaces.RSAPrivateKey");
+ }
add(p, "KeyFactory", "RSA",
"sun.security.rsa.RSAKeyFactory$Legacy",
getAliases("PKCS1"), null);
- add(p, "KeyPairGenerator", "RSA",
- "sun.security.rsa.RSAKeyPairGenerator$Legacy",
- getAliases("PKCS1"), null);
- addA(p, "Signature", "MD2withRSA",
- "sun.security.rsa.RSASignature$MD2withRSA", attrs);
- addA(p, "Signature", "MD5withRSA",
- "sun.security.rsa.RSASignature$MD5withRSA", attrs);
- addA(p, "Signature", "SHA1withRSA",
- "sun.security.rsa.RSASignature$SHA1withRSA", attrs);
- addA(p, "Signature", "SHA224withRSA",
- "sun.security.rsa.RSASignature$SHA224withRSA", attrs);
- addA(p, "Signature", "SHA256withRSA",
- "sun.security.rsa.RSASignature$SHA256withRSA", attrs);
- addA(p, "Signature", "SHA384withRSA",
- "sun.security.rsa.RSASignature$SHA384withRSA", attrs);
- addA(p, "Signature", "SHA512withRSA",
- "sun.security.rsa.RSASignature$SHA512withRSA", attrs);
- addA(p, "Signature", "SHA512/224withRSA",
- "sun.security.rsa.RSASignature$SHA512_224withRSA", attrs);
- addA(p, "Signature", "SHA512/256withRSA",
- "sun.security.rsa.RSASignature$SHA512_256withRSA", attrs);
- addA(p, "Signature", "SHA3-224withRSA",
- "sun.security.rsa.RSASignature$SHA3_224withRSA", attrs);
- addA(p, "Signature", "SHA3-256withRSA",
- "sun.security.rsa.RSASignature$SHA3_256withRSA", attrs);
- addA(p, "Signature", "SHA3-384withRSA",
- "sun.security.rsa.RSASignature$SHA3_384withRSA", attrs);
- addA(p, "Signature", "SHA3-512withRSA",
- "sun.security.rsa.RSASignature$SHA3_512withRSA", attrs);
+
+ if (!systemFipsEnabled) {
+ add(p, "KeyPairGenerator", "RSA",
+ "sun.security.rsa.RSAKeyPairGenerator$Legacy",
+ getAliases("PKCS1"), null);
+ addA(p, "Signature", "MD2withRSA",
+ "sun.security.rsa.RSASignature$MD2withRSA", attrs);
+ addA(p, "Signature", "MD5withRSA",
+ "sun.security.rsa.RSASignature$MD5withRSA", attrs);
+ addA(p, "Signature", "SHA1withRSA",
+ "sun.security.rsa.RSASignature$SHA1withRSA", attrs);
+ addA(p, "Signature", "SHA224withRSA",
+ "sun.security.rsa.RSASignature$SHA224withRSA", attrs);
+ addA(p, "Signature", "SHA256withRSA",
+ "sun.security.rsa.RSASignature$SHA256withRSA", attrs);
+ addA(p, "Signature", "SHA384withRSA",
+ "sun.security.rsa.RSASignature$SHA384withRSA", attrs);
+ addA(p, "Signature", "SHA512withRSA",
+ "sun.security.rsa.RSASignature$SHA512withRSA", attrs);
+ addA(p, "Signature", "SHA512/224withRSA",
+ "sun.security.rsa.RSASignature$SHA512_224withRSA", attrs);
+ addA(p, "Signature", "SHA512/256withRSA",
+ "sun.security.rsa.RSASignature$SHA512_256withRSA", attrs);
+ addA(p, "Signature", "SHA3-224withRSA",
+ "sun.security.rsa.RSASignature$SHA3_224withRSA", attrs);
+ addA(p, "Signature", "SHA3-256withRSA",
+ "sun.security.rsa.RSASignature$SHA3_256withRSA", attrs);
+ addA(p, "Signature", "SHA3-384withRSA",
+ "sun.security.rsa.RSASignature$SHA3_384withRSA", attrs);
+ addA(p, "Signature", "SHA3-512withRSA",
+ "sun.security.rsa.RSASignature$SHA3_512withRSA", attrs);
+ }
addA(p, "KeyFactory", "RSASSA-PSS",
"sun.security.rsa.RSAKeyFactory$PSS", attrs);
- addA(p, "KeyPairGenerator", "RSASSA-PSS",
- "sun.security.rsa.RSAKeyPairGenerator$PSS", attrs);
- addA(p, "Signature", "RSASSA-PSS",
- "sun.security.rsa.RSAPSSSignature", attrs);
+
+ if (!systemFipsEnabled) {
+ addA(p, "KeyPairGenerator", "RSASSA-PSS",
+ "sun.security.rsa.RSAKeyPairGenerator$PSS", attrs);
+ addA(p, "Signature", "RSASSA-PSS",
+ "sun.security.rsa.RSAPSSSignature", attrs);
+ }
+
addA(p, "AlgorithmParameters", "RSASSA-PSS",
"sun.security.rsa.PSSParameters", null);
}
diff --git a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
index 6ffdfeda18d..775b185fb06 100644
--- a/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
+++ b/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java
@@ -32,6 +32,7 @@ import java.security.cert.*;
import java.util.*;
import java.util.concurrent.locks.ReentrantLock;
import javax.net.ssl.*;
+import jdk.internal.access.SharedSecrets;
import sun.security.action.GetPropertyAction;
import sun.security.provider.certpath.AlgorithmChecker;
import sun.security.validator.Validator;
@@ -536,22 +537,40 @@ public abstract class SSLContextImpl extends SSLContextSpi {
private static final List<CipherSuite> serverDefaultCipherSuites;
static {
- supportedProtocols = Arrays.asList(
- ProtocolVersion.TLS13,
- ProtocolVersion.TLS12,
- ProtocolVersion.TLS11,
- ProtocolVersion.TLS10,
- ProtocolVersion.SSL30,
- ProtocolVersion.SSL20Hello
- );
-
- serverDefaultProtocols = getAvailableProtocols(
- new ProtocolVersion[] {
- ProtocolVersion.TLS13,
- ProtocolVersion.TLS12,
- ProtocolVersion.TLS11,
- ProtocolVersion.TLS10
- });
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled()) {
+ // RH1860986: TLSv1.3 key derivation not supported with
+ // the Security Providers available in system FIPS mode.
+ supportedProtocols = Arrays.asList(
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ );
+
+ serverDefaultProtocols = getAvailableProtocols(
+ new ProtocolVersion[] {
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ });
+ } else {
+ supportedProtocols = Arrays.asList(
+ ProtocolVersion.TLS13,
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10,
+ ProtocolVersion.SSL30,
+ ProtocolVersion.SSL20Hello
+ );
+
+ serverDefaultProtocols = getAvailableProtocols(
+ new ProtocolVersion[] {
+ ProtocolVersion.TLS13,
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ });
+ }
supportedCipherSuites = getApplicableSupportedCipherSuites(
supportedProtocols);
@@ -842,12 +861,23 @@ public abstract class SSLContextImpl extends SSLContextSpi {
ProtocolVersion[] candidates;
if (refactored.isEmpty()) {
// Client and server use the same default protocols.
- candidates = new ProtocolVersion[] {
- ProtocolVersion.TLS13,
- ProtocolVersion.TLS12,
- ProtocolVersion.TLS11,
- ProtocolVersion.TLS10
- };
+ if (SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled()) {
+ // RH1860986: TLSv1.3 key derivation not supported with
+ // the Security Providers available in system FIPS mode.
+ candidates = new ProtocolVersion[] {
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ };
+ } else {
+ candidates = new ProtocolVersion[] {
+ ProtocolVersion.TLS13,
+ ProtocolVersion.TLS12,
+ ProtocolVersion.TLS11,
+ ProtocolVersion.TLS10
+ };
+ }
} else {
// Use the customized TLS protocols.
candidates =
diff --git a/src/java.base/share/classes/sun/security/ssl/SunJSSE.java b/src/java.base/share/classes/sun/security/ssl/SunJSSE.java
index 894e26dfad8..8b16378b96b 100644
--- a/src/java.base/share/classes/sun/security/ssl/SunJSSE.java
+++ b/src/java.base/share/classes/sun/security/ssl/SunJSSE.java
@@ -27,6 +27,8 @@ package sun.security.ssl;
import java.security.*;
import java.util.*;
+
+import jdk.internal.access.SharedSecrets;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
/**
@@ -102,8 +104,13 @@ public class SunJSSE extends java.security.Provider {
"sun.security.ssl.SSLContextImpl$TLS11Context", null, null);
ps("SSLContext", "TLSv1.2",
"sun.security.ssl.SSLContextImpl$TLS12Context", null, null);
- ps("SSLContext", "TLSv1.3",
- "sun.security.ssl.SSLContextImpl$TLS13Context", null, null);
+ if (!SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled()) {
+ // RH1860986: TLSv1.3 key derivation not supported with
+ // the Security Providers available in system FIPS mode.
+ ps("SSLContext", "TLSv1.3",
+ "sun.security.ssl.SSLContextImpl$TLS13Context", null, null);
+ }
ps("SSLContext", "TLS",
"sun.security.ssl.SSLContextImpl$TLSContext",
List.of("SSL"), null);
diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security
index 6d91e3f8e4e..adfaf57d29e 100644
--- a/src/java.base/share/conf/security/java.security
+++ b/src/java.base/share/conf/security/java.security
@@ -79,6 +79,16 @@ security.provider.tbd=Apple
#endif
security.provider.tbd=SunPKCS11
+#
+# Security providers used when FIPS mode support is active
+#
+fips.provider.1=SunPKCS11 ${java.home}/conf/security/nss.fips.cfg
+fips.provider.2=SUN
+fips.provider.3=SunEC
+fips.provider.4=SunJSSE
+fips.provider.5=SunJCE
+fips.provider.6=SunRsaSign
+
#
# A list of preferred providers for specific algorithms. These providers will
# be searched for matching algorithms before the list of registered providers.
@@ -289,6 +299,11 @@ policy.ignoreIdentityScope=false
#
keystore.type=pkcs12
+#
+# Default keystore type used when global crypto-policies are set to FIPS.
+#
+fips.keystore.type=PKCS11
+
#
# Controls compatibility mode for JKS and PKCS12 keystore types.
#
@@ -326,6 +341,13 @@ package.definition=sun.misc.,\
#
security.overridePropertiesFile=true
+#
+# Determines whether this properties file will be appended to
+# using the system properties file stored at
+# /etc/crypto-policies/back-ends/java.config
+#
+security.useSystemPropertiesFile=false
+
#
# Determines the default key and trust manager factory algorithms for
# the javax.net.ssl package.
diff --git a/src/java.base/share/lib/security/default.policy b/src/java.base/share/lib/security/default.policy
index b22f26947af..3ee2ce6ea88 100644
--- a/src/java.base/share/lib/security/default.policy
+++ b/src/java.base/share/lib/security/default.policy
@@ -121,6 +121,7 @@ grant codeBase "jrt:/jdk.charsets" {
grant codeBase "jrt:/jdk.crypto.ec" {
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.*";
+ permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.access";
permission java.lang.RuntimePermission "loadLibrary.sunec";
permission java.security.SecurityPermission "putProviderProperty.SunEC";
permission java.security.SecurityPermission "clearProviderProperties.SunEC";
@@ -130,6 +131,7 @@ grant codeBase "jrt:/jdk.crypto.ec" {
grant codeBase "jrt:/jdk.crypto.cryptoki" {
permission java.lang.RuntimePermission
"accessClassInPackage.com.sun.crypto.provider";
+ permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.access";
permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
permission java.lang.RuntimePermission
"accessClassInPackage.sun.security.*";
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java
new file mode 100644
index 00000000000..9bb31555f48
--- /dev/null
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/FIPSKeyImporter.java
@@ -0,0 +1,490 @@
+/*
+ * Copyright (c) 2021, Red Hat, Inc.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.pkcs11;
+
+import java.math.BigInteger;
+import java.security.KeyFactory;
+import java.security.Provider;
+import java.security.Security;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.interfaces.RSAPrivateKey;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.locks.ReentrantLock;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.SecretKeySpec;
+import javax.crypto.spec.DHPrivateKeySpec;
+import javax.crypto.spec.IvParameterSpec;
+
+import sun.security.jca.JCAUtil;
+import sun.security.pkcs11.TemplateManager;
+import sun.security.pkcs11.wrapper.CK_ATTRIBUTE;
+import sun.security.pkcs11.wrapper.CK_MECHANISM;
+import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
+import static sun.security.pkcs11.wrapper.PKCS11Exception.*;
+import sun.security.pkcs11.wrapper.PKCS11Exception;
+import sun.security.rsa.RSAPrivateCrtKeyImpl;
+import sun.security.rsa.RSAUtil;
+import sun.security.rsa.RSAUtil.KeyType;
+import sun.security.util.Debug;
+import sun.security.util.ECUtil;
+
+final class FIPSKeyImporter {
+
+ private static final Debug debug =
+ Debug.getInstance("sunpkcs11");
+
+ private static volatile P11Key importerKey = null;
+ private static SecretKeySpec exporterKey = null;
+ private static volatile P11Key exporterKeyP11 = null;
+ private static final ReentrantLock importerKeyLock = new ReentrantLock();
+ // Do not take the exporterKeyLock with the importerKeyLock held.
+ private static final ReentrantLock exporterKeyLock = new ReentrantLock();
+ private static volatile CK_MECHANISM importerKeyMechanism = null;
+ private static volatile CK_MECHANISM exporterKeyMechanism = null;
+ private static Cipher importerCipher = null;
+ private static Cipher exporterCipher = null;
+
+ private static volatile Provider sunECProvider = null;
+ private static final ReentrantLock sunECProviderLock = new ReentrantLock();
+
+ private static volatile KeyFactory DHKF = null;
+ private static final ReentrantLock DHKFLock = new ReentrantLock();
+
+ static Long importKey(SunPKCS11 sunPKCS11, long hSession, CK_ATTRIBUTE[] attributes)
+ throws PKCS11Exception {
+ long keyID = -1;
+ Token token = sunPKCS11.getToken();
+ if (debug != null) {
+ debug.println("Private or Secret key will be imported in" +
+ " system FIPS mode.");
+ }
+ if (importerKey == null) {
+ importerKeyLock.lock();
+ try {
+ if (importerKey == null) {
+ if (importerKeyMechanism == null) {
+ // Importer Key creation has not been tried yet. Try it.
+ createImporterKey(token);
+ }
+ if (importerKey == null || importerCipher == null) {
+ if (debug != null) {
+ debug.println("Importer Key could not be" +
+ " generated.");
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ " fips key importer");
+ }
+ if (debug != null) {
+ debug.println("Importer Key successfully" +
+ " generated.");
+ }
+ }
+ } finally {
+ importerKeyLock.unlock();
+ }
+ }
+ long importerKeyID = importerKey.getKeyID();
+ try {
+ byte[] keyBytes = null;
+ byte[] encKeyBytes = null;
+ long keyClass = 0L;
+ long keyType = 0L;
+ Map<Long, CK_ATTRIBUTE> attrsMap = new HashMap<>();
+ for (CK_ATTRIBUTE attr : attributes) {
+ if (attr.type == CKA_CLASS) {
+ keyClass = attr.getLong();
+ } else if (attr.type == CKA_KEY_TYPE) {
+ keyType = attr.getLong();
+ }
+ attrsMap.put(attr.type, attr);
+ }
+ BigInteger v = null;
+ if (keyClass == CKO_PRIVATE_KEY) {
+ if (keyType == CKK_RSA) {
+ if (debug != null) {
+ debug.println("Importing an RSA private key...");
+ }
+ keyBytes = sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(
+ KeyType.RSA,
+ null,
+ ((v = attrsMap.get(CKA_MODULUS).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_PUBLIC_EXPONENT).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_PRIVATE_EXPONENT).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_PRIME_1).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_PRIME_2).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_EXPONENT_1).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_EXPONENT_2).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_COEFFICIENT).getBigInteger()) != null)
+ ? v : BigInteger.ZERO
+ ).getEncoded();
+ } else if (keyType == CKK_DSA) {
+ if (debug != null) {
+ debug.println("Importing a DSA private key...");
+ }
+ keyBytes = new sun.security.provider.DSAPrivateKey(
+ ((v = attrsMap.get(CKA_VALUE).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_PRIME).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_SUBPRIME).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_BASE).getBigInteger()) != null)
+ ? v : BigInteger.ZERO
+ ).getEncoded();
+ if (token.config.getNssNetscapeDbWorkaround() &&
+ attrsMap.get(CKA_NETSCAPE_DB) == null) {
+ attrsMap.put(CKA_NETSCAPE_DB,
+ new CK_ATTRIBUTE(CKA_NETSCAPE_DB, BigInteger.ZERO));
+ }
+ } else if (keyType == CKK_EC) {
+ if (debug != null) {
+ debug.println("Importing an EC private key...");
+ }
+ if (sunECProvider == null) {
+ sunECProviderLock.lock();
+ try {
+ if (sunECProvider == null) {
+ sunECProvider = Security.getProvider("SunEC");
+ }
+ } finally {
+ sunECProviderLock.unlock();
+ }
+ }
+ keyBytes = ECUtil.generateECPrivateKey(
+ ((v = attrsMap.get(CKA_VALUE).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ECUtil.getECParameterSpec(sunECProvider,
+ attrsMap.get(CKA_EC_PARAMS).getByteArray()))
+ .getEncoded();
+ if (token.config.getNssNetscapeDbWorkaround() &&
+ attrsMap.get(CKA_NETSCAPE_DB) == null) {
+ attrsMap.put(CKA_NETSCAPE_DB,
+ new CK_ATTRIBUTE(CKA_NETSCAPE_DB, BigInteger.ZERO));
+ }
+ } else if (keyType == CKK_DH) {
+ if (debug != null) {
+ debug.println("Importing a Diffie-Hellman private key...");
+ }
+ if (DHKF == null) {
+ DHKFLock.lock();
+ try {
+ if (DHKF == null) {
+ DHKF = KeyFactory.getInstance(
+ "DH", P11Util.getSunJceProvider());
+ }
+ } finally {
+ DHKFLock.unlock();
+ }
+ }
+ DHPrivateKeySpec spec = new DHPrivateKeySpec
+ (((v = attrsMap.get(CKA_VALUE).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_PRIME).getBigInteger()) != null)
+ ? v : BigInteger.ZERO,
+ ((v = attrsMap.get(CKA_BASE).getBigInteger()) != null)
+ ? v : BigInteger.ZERO);
+ keyBytes = DHKF.generatePrivate(spec).getEncoded();
+ if (token.config.getNssNetscapeDbWorkaround() &&
+ attrsMap.get(CKA_NETSCAPE_DB) == null) {
+ attrsMap.put(CKA_NETSCAPE_DB,
+ new CK_ATTRIBUTE(CKA_NETSCAPE_DB, BigInteger.ZERO));
+ }
+ } else {
+ if (debug != null) {
+ debug.println("Unrecognized private key type.");
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ " fips key importer");
+ }
+ } else if (keyClass == CKO_SECRET_KEY) {
+ if (debug != null) {
+ debug.println("Importing a secret key...");
+ }
+ keyBytes = attrsMap.get(CKA_VALUE).getByteArray();
+ }
+ if (keyBytes == null || keyBytes.length == 0) {
+ if (debug != null) {
+ debug.println("Private or secret key plain bytes could" +
+ " not be obtained. Import failed.");
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ " fips key importer");
+ }
+ attributes = new CK_ATTRIBUTE[attrsMap.size()];
+ attrsMap.values().toArray(attributes);
+ importerKeyLock.lock();
+ try {
+ // No need to reset the cipher object because no multi-part
+ // operations are performed.
+ encKeyBytes = importerCipher.doFinal(keyBytes);
+ } finally {
+ importerKeyLock.unlock();
+ }
+ attributes = token.getAttributes(TemplateManager.O_IMPORT,
+ keyClass, keyType, attributes);
+ keyID = token.p11.C_UnwrapKey(hSession,
+ importerKeyMechanism, importerKeyID, encKeyBytes, attributes);
+ if (debug != null) {
+ debug.println("Imported key ID: " + keyID);
+ }
+ } catch (Throwable t) {
+ if (t instanceof PKCS11Exception) {
+ throw (PKCS11Exception)t;
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ t.getMessage());
+ } finally {
+ importerKey.releaseKeyID();
+ }
+ return Long.valueOf(keyID);
+ }
+
+ static void exportKey(SunPKCS11 sunPKCS11, long hSession, long hObject,
+ long keyClass, long keyType, Map<Long, CK_ATTRIBUTE> sensitiveAttrs)
+ throws PKCS11Exception {
+ Token token = sunPKCS11.getToken();
+ if (debug != null) {
+ debug.println("Private or Secret key will be exported in" +
+ " system FIPS mode.");
+ }
+ if (exporterKeyP11 == null) {
+ try {
+ exporterKeyLock.lock();
+ if (exporterKeyP11 == null) {
+ if (exporterKeyMechanism == null) {
+ // Exporter Key creation has not been tried yet. Try it.
+ createExporterKey(token);
+ }
+ if (exporterKeyP11 == null || exporterCipher == null) {
+ if (debug != null) {
+ debug.println("Exporter Key could not be" +
+ " generated.");
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ " fips key exporter");
+ }
+ if (debug != null) {
+ debug.println("Exporter Key successfully" +
+ " generated.");
+ }
+ }
+ } finally {
+ exporterKeyLock.unlock();
+ }
+ }
+ long exporterKeyID = exporterKeyP11.getKeyID();
+ try {
+ byte[] wrappedKeyBytes = token.p11.C_WrapKey(hSession,
+ exporterKeyMechanism, exporterKeyID, hObject);
+ byte[] plainExportedKey = null;
+ exporterKeyLock.lock();
+ try {
+ // No need to reset the cipher object because no multi-part
+ // operations are performed.
+ plainExportedKey = exporterCipher.doFinal(wrappedKeyBytes);
+ } finally {
+ exporterKeyLock.unlock();
+ }
+ if (keyClass == CKO_PRIVATE_KEY) {
+ exportPrivateKey(sensitiveAttrs, keyType, plainExportedKey);
+ } else if (keyClass == CKO_SECRET_KEY) {
+ checkAttrs(sensitiveAttrs, "CKO_SECRET_KEY", CKA_VALUE);
+ // CKA_VALUE is guaranteed to be present, since sensitiveAttrs'
+ // size is greater than 0 and no invalid attributes exist
+ sensitiveAttrs.get(CKA_VALUE).pValue = plainExportedKey;
+ } else {
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ " fips key exporter");
+ }
+ } catch (Throwable t) {
+ if (t instanceof PKCS11Exception) {
+ throw (PKCS11Exception)t;
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ t.getMessage());
+ } finally {
+ exporterKeyP11.releaseKeyID();
+ }
+ }
+
+ private static void exportPrivateKey(
+ Map<Long, CK_ATTRIBUTE> sensitiveAttrs, long keyType,
+ byte[] plainExportedKey) throws Throwable {
+ if (keyType == CKK_RSA) {
+ checkAttrs(sensitiveAttrs, "CKO_PRIVATE_KEY CKK_RSA",
+ CKA_PRIVATE_EXPONENT, CKA_PRIME_1, CKA_PRIME_2,
+ CKA_EXPONENT_1, CKA_EXPONENT_2, CKA_COEFFICIENT);
+ RSAPrivateKey rsaPKey = RSAPrivateCrtKeyImpl.newKey(
+ RSAUtil.KeyType.RSA, "PKCS#8", plainExportedKey
+ );
+ CK_ATTRIBUTE attr;
+ if ((attr = sensitiveAttrs.get(CKA_PRIVATE_EXPONENT)) != null) {
+ attr.pValue = rsaPKey.getPrivateExponent().toByteArray();
+ }
+ if (rsaPKey instanceof RSAPrivateCrtKey) {
+ RSAPrivateCrtKey rsaPCrtKey = (RSAPrivateCrtKey) rsaPKey;
+ if ((attr = sensitiveAttrs.get(CKA_PRIME_1)) != null) {
+ attr.pValue = rsaPCrtKey.getPrimeP().toByteArray();
+ }
+ if ((attr = sensitiveAttrs.get(CKA_PRIME_2)) != null) {
+ attr.pValue = rsaPCrtKey.getPrimeQ().toByteArray();
+ }
+ if ((attr = sensitiveAttrs.get(CKA_EXPONENT_1)) != null) {
+ attr.pValue = rsaPCrtKey.getPrimeExponentP().toByteArray();
+ }
+ if ((attr = sensitiveAttrs.get(CKA_EXPONENT_2)) != null) {
+ attr.pValue = rsaPCrtKey.getPrimeExponentQ().toByteArray();
+ }
+ if ((attr = sensitiveAttrs.get(CKA_COEFFICIENT)) != null) {
+ attr.pValue = rsaPCrtKey.getCrtCoefficient().toByteArray();
+ }
+ } else {
+ checkAttrs(sensitiveAttrs, "CKO_PRIVATE_KEY CKK_RSA",
+ CKA_PRIVATE_EXPONENT);
+ }
+ } else if (keyType == CKK_DSA) {
+ checkAttrs(sensitiveAttrs, "CKO_PRIVATE_KEY CKK_DSA", CKA_VALUE);
+ // CKA_VALUE is guaranteed to be present, since sensitiveAttrs'
+ // size is greater than 0 and no invalid attributes exist
+ sensitiveAttrs.get(CKA_VALUE).pValue =
+ new sun.security.provider.DSAPrivateKey(plainExportedKey)
+ .getX().toByteArray();
+ } else if (keyType == CKK_EC) {
+ checkAttrs(sensitiveAttrs, "CKO_PRIVATE_KEY CKK_EC", CKA_VALUE);
+ // CKA_VALUE is guaranteed to be present, since sensitiveAttrs'
+ // size is greater than 0 and no invalid attributes exist
+ sensitiveAttrs.get(CKA_VALUE).pValue =
+ ECUtil.decodePKCS8ECPrivateKey(plainExportedKey)
+ .getS().toByteArray();
+ } else {
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ " unsupported CKO_PRIVATE_KEY key type: " + keyType);
+ }
+ }
+
+ private static void checkAttrs(Map<Long, CK_ATTRIBUTE> sensitiveAttrs,
+ String keyName, long... validAttrs)
+ throws PKCS11Exception {
+ int sensitiveAttrsCount = sensitiveAttrs.size();
+ if (sensitiveAttrsCount <= validAttrs.length) {
+ int validAttrsCount = 0;
+ for (long validAttr : validAttrs) {
+ if (sensitiveAttrs.containsKey(validAttr)) validAttrsCount++;
+ }
+ if (validAttrsCount == sensitiveAttrsCount) return;
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ " invalid attribute types for a " + keyName + " key object");
+ }
+
+ private static void createImporterKey(Token token) {
+ if (debug != null) {
+ debug.println("Generating Importer Key...");
+ }
+ byte[] iv = new byte[16];
+ JCAUtil.getSecureRandom().nextBytes(iv);
+ importerKeyMechanism = new CK_MECHANISM(CKM_AES_CBC_PAD, iv);
+ try {
+ CK_ATTRIBUTE[] attributes = token.getAttributes(TemplateManager.O_GENERATE,
+ CKO_SECRET_KEY, CKK_AES, new CK_ATTRIBUTE[] {
+ new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY),
+ new CK_ATTRIBUTE(CKA_VALUE_LEN, 256 >> 3)});
+ Session s = null;
+ try {
+ s = token.getObjSession();
+ long keyID = token.p11.C_GenerateKey(
+ s.id(), new CK_MECHANISM(CKM_AES_KEY_GEN),
+ attributes);
+ if (debug != null) {
+ debug.println("Importer Key ID: " + keyID);
+ }
+ importerKey = (P11Key)P11Key.secretKey(s, keyID, "AES",
+ 256 >> 3, null);
+ } catch (PKCS11Exception e) {
+ // best effort
+ } finally {
+ token.releaseSession(s);
+ }
+ if (importerKey != null) {
+ importerCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ importerCipher.init(Cipher.ENCRYPT_MODE, importerKey,
+ new IvParameterSpec(
+ (byte[])importerKeyMechanism.pParameter), null);
+ }
+ } catch (Throwable t) {
+ // best effort
+ importerKey = null;
+ importerCipher = null;
+ // importerKeyMechanism value is kept initialized to indicate that
+ // Importer Key creation has been tried and failed.
+ if (debug != null) {
+ debug.println("Error generating the Importer Key");
+ }
+ }
+ }
+
+ private static void createExporterKey(Token token) {
+ if (debug != null) {
+ debug.println("Generating Exporter Key...");
+ }
+ byte[] iv = new byte[16];
+ JCAUtil.getSecureRandom().nextBytes(iv);
+ exporterKeyMechanism = new CK_MECHANISM(CKM_AES_CBC_PAD, iv);
+ byte[] exporterKeyRaw = new byte[32];
+ JCAUtil.getSecureRandom().nextBytes(exporterKeyRaw);
+ exporterKey = new SecretKeySpec(exporterKeyRaw, "AES");
+ try {
+ SecretKeyFactory skf = SecretKeyFactory.getInstance("AES");
+ exporterKeyP11 = (P11Key)(skf.translateKey(exporterKey));
+ if (exporterKeyP11 != null) {
+ exporterCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ exporterCipher.init(Cipher.DECRYPT_MODE, exporterKey,
+ new IvParameterSpec(
+ (byte[])exporterKeyMechanism.pParameter), null);
+ }
+ } catch (Throwable t) {
+ // best effort
+ exporterKey = null;
+ exporterKeyP11 = null;
+ exporterCipher = null;
+ // exporterKeyMechanism value is kept initialized to indicate that
+ // Exporter Key creation has been tried and failed.
+ if (debug != null) {
+ debug.println("Error generating the Exporter Key");
+ }
+ }
+ }
+}
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java
index 9b69072280e..b403e6d3c6d 100644
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Key.java
@@ -37,6 +37,8 @@ import javax.crypto.*;
import javax.crypto.interfaces.*;
import javax.crypto.spec.*;
+import jdk.internal.access.SharedSecrets;
+
import sun.security.rsa.RSAUtil.KeyType;
import sun.security.rsa.RSAPublicKeyImpl;
import sun.security.rsa.RSAPrivateCrtKeyImpl;
@@ -69,6 +71,9 @@ import sun.security.jca.JCAUtil;
*/
abstract class P11Key implements Key, Length {
+ private static final boolean plainKeySupportEnabled = SharedSecrets
+ .getJavaSecuritySystemConfiguratorAccess().isPlainKeySupportEnabled();
+
private static final long serialVersionUID = -2575874101938349339L;
private static final String PUBLIC = "public";
@@ -379,7 +384,8 @@ abstract class P11Key implements Key, Length {
new CK_ATTRIBUTE(CKA_SENSITIVE),
new CK_ATTRIBUTE(CKA_EXTRACTABLE),
});
- if (attributes[1].getBoolean() || (attributes[2].getBoolean() == false)) {
+ if (!plainKeySupportEnabled && (attributes[1].getBoolean() ||
+ (attributes[2].getBoolean() == false))) {
return new P11PrivateKey
(session, keyID, algorithm, keyLength, attributes);
} else {
@@ -461,7 +467,8 @@ abstract class P11Key implements Key, Length {
}
public String getFormat() {
token.ensureValid();
- if (sensitive || (extractable == false)) {
+ if (!plainKeySupportEnabled &&
+ (sensitive || (extractable == false))) {
return null;
} else {
return "RAW";
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
index 112b639aa96..5549cd9ed4e 100644
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java
@@ -26,6 +26,9 @@
package sun.security.pkcs11;
import java.io.*;
+import java.lang.invoke.MethodHandle;
+import java.lang.invoke.MethodHandles;
+import java.lang.invoke.MethodType;
import java.util.*;
import java.security.*;
@@ -42,6 +45,7 @@ import javax.security.auth.callback.PasswordCallback;
import com.sun.crypto.provider.ChaCha20Poly1305Parameters;
+import jdk.internal.access.SharedSecrets;
import jdk.internal.misc.InnocuousThread;
import sun.security.util.Debug;
import sun.security.util.ResourcesMgr;
@@ -62,6 +66,37 @@ import static sun.security.pkcs11.wrapper.PKCS11Exception.*;
*/
public final class SunPKCS11 extends AuthProvider {
+ private static final boolean systemFipsEnabled = SharedSecrets
+ .getJavaSecuritySystemConfiguratorAccess().isSystemFipsEnabled();
+
+ private static final boolean plainKeySupportEnabled = SharedSecrets
+ .getJavaSecuritySystemConfiguratorAccess().isPlainKeySupportEnabled();
+
+ private static final MethodHandle fipsImportKey;
+ private static final MethodHandle fipsExportKey;
+ static {
+ MethodHandle fipsImportKeyTmp = null;
+ MethodHandle fipsExportKeyTmp = null;
+ if (plainKeySupportEnabled) {
+ try {
+ fipsImportKeyTmp = MethodHandles.lookup().findStatic(
+ FIPSKeyImporter.class, "importKey",
+ MethodType.methodType(Long.class, SunPKCS11.class,
+ long.class, CK_ATTRIBUTE[].class));
+ fipsExportKeyTmp = MethodHandles.lookup().findStatic(
+ FIPSKeyImporter.class, "exportKey",
+ MethodType.methodType(void.class, SunPKCS11.class,
+ long.class, long.class,
+ long.class, long.class, Map.class));
+ } catch (Throwable t) {
+ throw new SecurityException("FIPS key importer-exporter" +
+ " initialization failed", t);
+ }
+ }
+ fipsImportKey = fipsImportKeyTmp;
+ fipsExportKey = fipsExportKeyTmp;
+ }
+
private static final long serialVersionUID = -1354835039035306505L;
static final Debug debug = Debug.getInstance("sunpkcs11");
@@ -320,10 +355,19 @@ public final class SunPKCS11 extends AuthProvider {
// request multithreaded access first
initArgs.flags = CKF_OS_LOCKING_OK;
PKCS11 tmpPKCS11;
+ MethodHandle fipsKeyImporter = null;
+ MethodHandle fipsKeyExporter = null;
+ if (plainKeySupportEnabled) {
+ fipsKeyImporter = MethodHandles.insertArguments(
+ fipsImportKey, 0, this);
+ fipsKeyExporter = MethodHandles.insertArguments(
+ fipsExportKey, 0, this);
+ }
try {
tmpPKCS11 = PKCS11.getInstance(
library, functionList, initArgs,
- config.getOmitInitialize());
+ config.getOmitInitialize(), fipsKeyImporter,
+ fipsKeyExporter);
} catch (PKCS11Exception e) {
if (debug != null) {
debug.println("Multi-threaded initialization failed: " + e);
@@ -339,7 +383,8 @@ public final class SunPKCS11 extends AuthProvider {
initArgs.flags = 0;
}
tmpPKCS11 = PKCS11.getInstance(library,
- functionList, initArgs, config.getOmitInitialize());
+ functionList, initArgs, config.getOmitInitialize(), fipsKeyImporter,
+ fipsKeyExporter);
}
p11 = tmpPKCS11;
@@ -379,6 +424,24 @@ public final class SunPKCS11 extends AuthProvider {
if (nssModule != null) {
nssModule.setProvider(this);
}
+ if (systemFipsEnabled) {
+ // The NSS Software Token in FIPS 140-2 mode requires a user
+ // login for most operations. See sftk_fipsCheck. The NSS DB
+ // (/etc/pki/nssdb) PIN is empty.
+ Session session = null;
+ try {
+ session = token.getOpSession();
+ p11.C_Login(session.id(), CKU_USER, new char[] {});
+ } catch (PKCS11Exception p11e) {
+ if (debug != null) {
+ debug.println("Error during token login: " +
+ p11e.getMessage());
+ }
+ throw p11e;
+ } finally {
+ token.releaseSession(session);
+ }
+ }
} catch (Exception e) {
if (config.getHandleStartupErrors() == Config.ERR_IGNORE_ALL) {
throw new UnsupportedOperationException
diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
index 5c0aacd1a67..1e98ce2e280 100644
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/PKCS11.java
@@ -49,6 +49,9 @@ package sun.security.pkcs11.wrapper;
import java.io.File;
import java.io.IOException;
+import java.lang.invoke.MethodHandle;
+import java.lang.invoke.MethodHandles;
+import java.lang.invoke.MethodType;
import java.util.*;
import java.security.AccessController;
@@ -150,18 +153,43 @@ public class PKCS11 {
this.pkcs11ModulePath = pkcs11ModulePath;
}
+ /*
+ * Compatibility wrapper to allow this method to work as before
+ * when FIPS mode support is not active.
+ */
+ public static synchronized PKCS11 getInstance(String pkcs11ModulePath,
+ String functionList, CK_C_INITIALIZE_ARGS pInitArgs,
+ boolean omitInitialize) throws IOException, PKCS11Exception {
+ return getInstance(pkcs11ModulePath, functionList,
+ pInitArgs, omitInitialize, null, null);
+ }
+
public static synchronized PKCS11 getInstance(String pkcs11ModulePath,
String functionList, CK_C_INITIALIZE_ARGS pInitArgs,
- boolean omitInitialize) throws IOException, PKCS11Exception {
+ boolean omitInitialize, MethodHandle fipsKeyImporter,
+ MethodHandle fipsKeyExporter)
+ throws IOException, PKCS11Exception {
// we may only call C_Initialize once per native .so/.dll
// so keep a cache using the (non-canonicalized!) path
PKCS11 pkcs11 = moduleMap.get(pkcs11ModulePath);
if (pkcs11 == null) {
+ boolean nssFipsMode = fipsKeyImporter != null &&
+ fipsKeyExporter != null;
if ((pInitArgs != null)
&& ((pInitArgs.flags & CKF_OS_LOCKING_OK) != 0)) {
- pkcs11 = new PKCS11(pkcs11ModulePath, functionList);
+ if (nssFipsMode) {
+ pkcs11 = new FIPSPKCS11(pkcs11ModulePath, functionList,
+ fipsKeyImporter, fipsKeyExporter);
+ } else {
+ pkcs11 = new PKCS11(pkcs11ModulePath, functionList);
+ }
} else {
- pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList);
+ if (nssFipsMode) {
+ pkcs11 = new SynchronizedFIPSPKCS11(pkcs11ModulePath,
+ functionList, fipsKeyImporter, fipsKeyExporter);
+ } else {
+ pkcs11 = new SynchronizedPKCS11(pkcs11ModulePath, functionList);
+ }
}
if (omitInitialize == false) {
try {
@@ -1911,4 +1939,194 @@ static class SynchronizedPKCS11 extends PKCS11 {
super.C_GenerateRandom(hSession, randomData);
}
}
+
+// PKCS11 subclass that allows using plain private or secret keys in
+// FIPS-configured NSS Software Tokens. Only used when System FIPS
+// is enabled.
+static class FIPSPKCS11 extends PKCS11 {
+ private MethodHandle fipsKeyImporter;
+ private MethodHandle fipsKeyExporter;
+ private MethodHandle hC_GetAttributeValue;
+ FIPSPKCS11(String pkcs11ModulePath, String functionListName,
+ MethodHandle fipsKeyImporter, MethodHandle fipsKeyExporter)
+ throws IOException {
+ super(pkcs11ModulePath, functionListName);
+ this.fipsKeyImporter = fipsKeyImporter;
+ this.fipsKeyExporter = fipsKeyExporter;
+ try {
+ hC_GetAttributeValue = MethodHandles.insertArguments(
+ MethodHandles.lookup().findSpecial(PKCS11.class,
+ "C_GetAttributeValue", MethodType.methodType(
+ void.class, long.class, long.class,
+ CK_ATTRIBUTE[].class),
+ FIPSPKCS11.class), 0, this);
+ } catch (Throwable t) {
+ throw new RuntimeException(
+ "sun.security.pkcs11.wrapper.PKCS11" +
+ "::C_GetAttributeValue method not found.", t);
+ }
+ }
+
+ public long C_CreateObject(long hSession,
+ CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
+ // Creating sensitive key objects from plain key material in a
+ // FIPS-configured NSS Software Token is not allowed. We apply
+ // a key-unwrapping scheme to achieve so.
+ if (FIPSPKCS11Helper.isSensitiveObject(pTemplate)) {
+ try {
+ return ((Long)fipsKeyImporter.invoke(hSession, pTemplate))
+ .longValue();
+ } catch (Throwable t) {
+ if (t instanceof PKCS11Exception) {
+ throw (PKCS11Exception)t;
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ t.getMessage());
+ }
+ }
+ return super.C_CreateObject(hSession, pTemplate);
+ }
+
+ public void C_GetAttributeValue(long hSession, long hObject,
+ CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
+ FIPSPKCS11Helper.C_GetAttributeValue(hC_GetAttributeValue,
+ fipsKeyExporter, hSession, hObject, pTemplate);
+ }
+}
+
+// FIPSPKCS11 synchronized counterpart.
+static class SynchronizedFIPSPKCS11 extends SynchronizedPKCS11 {
+ private MethodHandle fipsKeyImporter;
+ private MethodHandle fipsKeyExporter;
+ private MethodHandle hC_GetAttributeValue;
+ SynchronizedFIPSPKCS11(String pkcs11ModulePath, String functionListName,
+ MethodHandle fipsKeyImporter, MethodHandle fipsKeyExporter)
+ throws IOException {
+ super(pkcs11ModulePath, functionListName);
+ this.fipsKeyImporter = fipsKeyImporter;
+ this.fipsKeyExporter = fipsKeyExporter;
+ try {
+ hC_GetAttributeValue = MethodHandles.insertArguments(
+ MethodHandles.lookup().findSpecial(SynchronizedPKCS11.class,
+ "C_GetAttributeValue", MethodType.methodType(
+ void.class, long.class, long.class,
+ CK_ATTRIBUTE[].class),
+ SynchronizedFIPSPKCS11.class), 0, this);
+ } catch (Throwable t) {
+ throw new RuntimeException(
+ "sun.security.pkcs11.wrapper.SynchronizedPKCS11" +
+ "::C_GetAttributeValue method not found.", t);
+ }
+ }
+
+ public synchronized long C_CreateObject(long hSession,
+ CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
+ // See FIPSPKCS11::C_CreateObject.
+ if (FIPSPKCS11Helper.isSensitiveObject(pTemplate)) {
+ try {
+ return ((Long)fipsKeyImporter.invoke(hSession, pTemplate))
+ .longValue();
+ } catch (Throwable t) {
+ if (t instanceof PKCS11Exception) {
+ throw (PKCS11Exception)t;
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ t.getMessage());
+ }
+ }
+ return super.C_CreateObject(hSession, pTemplate);
+ }
+
+ public synchronized void C_GetAttributeValue(long hSession, long hObject,
+ CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
+ FIPSPKCS11Helper.C_GetAttributeValue(hC_GetAttributeValue,
+ fipsKeyExporter, hSession, hObject, pTemplate);
+ }
+}
+
+private static class FIPSPKCS11Helper {
+ static boolean isSensitiveObject(CK_ATTRIBUTE[] pTemplate) {
+ for (CK_ATTRIBUTE attr : pTemplate) {
+ if (attr.type == CKA_CLASS &&
+ (attr.getLong() == CKO_PRIVATE_KEY ||
+ attr.getLong() == CKO_SECRET_KEY)) {
+ return true;
+ }
+ }
+ return false;
+ }
+ static void C_GetAttributeValue(MethodHandle hC_GetAttributeValue,
+ MethodHandle fipsKeyExporter, long hSession, long hObject,
+ CK_ATTRIBUTE[] pTemplate) throws PKCS11Exception {
+ Map<Long, CK_ATTRIBUTE> sensitiveAttrs = new HashMap<>();
+ List<CK_ATTRIBUTE> nonSensitiveAttrs = new LinkedList<>();
+ FIPSPKCS11Helper.getAttributesBySensitivity(pTemplate,
+ sensitiveAttrs, nonSensitiveAttrs);
+ try {
+ if (sensitiveAttrs.size() > 0) {
+ long keyClass = -1L;
+ long keyType = -1L;
+ try {
+ // Secret and private keys have both class and type
+ // attributes, so we can query them at once.
+ CK_ATTRIBUTE[] queryAttrs = new CK_ATTRIBUTE[]{
+ new CK_ATTRIBUTE(CKA_CLASS),
+ new CK_ATTRIBUTE(CKA_KEY_TYPE),
+ };
+ hC_GetAttributeValue.invoke(hSession, hObject, queryAttrs);
+ keyClass = queryAttrs[0].getLong();
+ keyType = queryAttrs[1].getLong();
+ } catch (PKCS11Exception e) {
+ // If the query fails, the object is neither a secret nor a
+ // private key. As this case won't be handled with the FIPS
+ // Key Exporter, we keep keyClass initialized to -1L.
+ }
+ if (keyClass == CKO_SECRET_KEY || keyClass == CKO_PRIVATE_KEY) {
+ fipsKeyExporter.invoke(hSession, hObject, keyClass, keyType,
+ sensitiveAttrs);
+ if (nonSensitiveAttrs.size() > 0) {
+ CK_ATTRIBUTE[] pNonSensitiveAttrs =
+ new CK_ATTRIBUTE[nonSensitiveAttrs.size()];
+ int i = 0;
+ for (CK_ATTRIBUTE nonSensAttr : nonSensitiveAttrs) {
+ pNonSensitiveAttrs[i++] = nonSensAttr;
+ }
+ hC_GetAttributeValue.invoke(hSession, hObject,
+ pNonSensitiveAttrs);
+ // libj2pkcs11 allocates new CK_ATTRIBUTE objects, so we
+ // update the reference on the previous CK_ATTRIBUTEs
+ i = 0;
+ for (CK_ATTRIBUTE nonSensAttr : nonSensitiveAttrs) {
+ nonSensAttr.pValue = pNonSensitiveAttrs[i++].pValue;
+ }
+ }
+ return;
+ }
+ }
+ hC_GetAttributeValue.invoke(hSession, hObject, pTemplate);
+ } catch (Throwable t) {
+ if (t instanceof PKCS11Exception) {
+ throw (PKCS11Exception)t;
+ }
+ throw new PKCS11Exception(CKR_GENERAL_ERROR,
+ t.getMessage());
+ }
+ }
+ private static void getAttributesBySensitivity(CK_ATTRIBUTE[] pTemplate,
+ Map<Long, CK_ATTRIBUTE> sensitiveAttrs,
+ List<CK_ATTRIBUTE> nonSensitiveAttrs) {
+ for (CK_ATTRIBUTE attr : pTemplate) {
+ long type = attr.type;
+ // Aligned with NSS' sftk_isSensitive in lib/softoken/pkcs11u.c
+ if (type == CKA_VALUE || type == CKA_PRIVATE_EXPONENT ||
+ type == CKA_PRIME_1 || type == CKA_PRIME_2 ||
+ type == CKA_EXPONENT_1 || type == CKA_EXPONENT_2 ||
+ type == CKA_COEFFICIENT) {
+ sensitiveAttrs.put(type, attr);
+ } else {
+ nonSensitiveAttrs.add(attr);
+ }
+ }
+ }
+}
}
diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java
index 8c9e4f9dbe6..883dc04758e 100644
--- a/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java
+++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java
@@ -38,6 +38,7 @@ import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
+import jdk.internal.access.SharedSecrets;
import sun.security.ec.ed.EdDSAAlgorithmParameters;
import sun.security.ec.ed.EdDSAKeyFactory;
import sun.security.ec.ed.EdDSAKeyPairGenerator;
@@ -56,6 +57,10 @@ public final class SunEC extends Provider {
private static final long serialVersionUID = -2279741672933606418L;
+ private static final boolean systemFipsEnabled =
+ SharedSecrets.getJavaSecuritySystemConfiguratorAccess()
+ .isSystemFipsEnabled();
+
private static class ProviderServiceA extends ProviderService {
ProviderServiceA(Provider p, String type, String algo, String cn,
HashMap<String, String> attrs) {
@@ -249,85 +254,86 @@ public final class SunEC extends Provider {
putXDHEntries();
putEdDSAEntries();
-
- /*
- * Signature engines
- */
- putService(new ProviderService(this, "Signature",
- "NONEwithECDSA", "sun.security.ec.ECDSASignature$Raw",
- null, ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "SHA1withECDSA", "sun.security.ec.ECDSASignature$SHA1",
- ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "SHA224withECDSA", "sun.security.ec.ECDSASignature$SHA224",
- ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "SHA256withECDSA", "sun.security.ec.ECDSASignature$SHA256",
- ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "SHA384withECDSA", "sun.security.ec.ECDSASignature$SHA384",
- ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "SHA512withECDSA", "sun.security.ec.ECDSASignature$SHA512",
- ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "SHA3-224withECDSA", "sun.security.ec.ECDSASignature$SHA3_224",
- ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "SHA3-256withECDSA", "sun.security.ec.ECDSASignature$SHA3_256",
- ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "SHA3-384withECDSA", "sun.security.ec.ECDSASignature$SHA3_384",
- ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "SHA3-512withECDSA", "sun.security.ec.ECDSASignature$SHA3_512",
- ATTRS));
-
- putService(new ProviderService(this, "Signature",
- "NONEwithECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$RawinP1363Format"));
- putService(new ProviderService(this, "Signature",
- "SHA1withECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$SHA1inP1363Format"));
- putService(new ProviderService(this, "Signature",
- "SHA224withECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$SHA224inP1363Format"));
- putService(new ProviderService(this, "Signature",
- "SHA256withECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$SHA256inP1363Format"));
- putService(new ProviderService(this, "Signature",
- "SHA384withECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$SHA384inP1363Format"));
- putService(new ProviderService(this, "Signature",
- "SHA512withECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$SHA512inP1363Format"));
-
- putService(new ProviderService(this, "Signature",
- "SHA3-224withECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$SHA3_224inP1363Format"));
- putService(new ProviderService(this, "Signature",
- "SHA3-256withECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$SHA3_256inP1363Format"));
- putService(new ProviderService(this, "Signature",
- "SHA3-384withECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$SHA3_384inP1363Format"));
- putService(new ProviderService(this, "Signature",
- "SHA3-512withECDSAinP1363Format",
- "sun.security.ec.ECDSASignature$SHA3_512inP1363Format"));
-
- /*
- * Key Pair Generator engine
- */
- putService(new ProviderService(this, "KeyPairGenerator",
- "EC", "sun.security.ec.ECKeyPairGenerator",
- List.of("EllipticCurve"), ATTRS));
-
- /*
- * Key Agreement engine
- */
- putService(new ProviderService(this, "KeyAgreement",
- "ECDH", "sun.security.ec.ECDHKeyAgreement", null, ATTRS));
+ if (!systemFipsEnabled) {
+ /*
+ * Signature engines
+ */
+ putService(new ProviderService(this, "Signature",
+ "NONEwithECDSA", "sun.security.ec.ECDSASignature$Raw",
+ null, ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "SHA1withECDSA", "sun.security.ec.ECDSASignature$SHA1",
+ ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "SHA224withECDSA", "sun.security.ec.ECDSASignature$SHA224",
+ ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "SHA256withECDSA", "sun.security.ec.ECDSASignature$SHA256",
+ ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "SHA384withECDSA", "sun.security.ec.ECDSASignature$SHA384",
+ ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "SHA512withECDSA", "sun.security.ec.ECDSASignature$SHA512",
+ ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "SHA3-224withECDSA", "sun.security.ec.ECDSASignature$SHA3_224",
+ ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "SHA3-256withECDSA", "sun.security.ec.ECDSASignature$SHA3_256",
+ ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "SHA3-384withECDSA", "sun.security.ec.ECDSASignature$SHA3_384",
+ ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "SHA3-512withECDSA", "sun.security.ec.ECDSASignature$SHA3_512",
+ ATTRS));
+
+ putService(new ProviderService(this, "Signature",
+ "NONEwithECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$RawinP1363Format"));
+ putService(new ProviderService(this, "Signature",
+ "SHA1withECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$SHA1inP1363Format"));
+ putService(new ProviderService(this, "Signature",
+ "SHA224withECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$SHA224inP1363Format"));
+ putService(new ProviderService(this, "Signature",
+ "SHA256withECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$SHA256inP1363Format"));
+ putService(new ProviderService(this, "Signature",
+ "SHA384withECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$SHA384inP1363Format"));
+ putService(new ProviderService(this, "Signature",
+ "SHA512withECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$SHA512inP1363Format"));
+
+ putService(new ProviderService(this, "Signature",
+ "SHA3-224withECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$SHA3_224inP1363Format"));
+ putService(new ProviderService(this, "Signature",
+ "SHA3-256withECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$SHA3_256inP1363Format"));
+ putService(new ProviderService(this, "Signature",
+ "SHA3-384withECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$SHA3_384inP1363Format"));
+ putService(new ProviderService(this, "Signature",
+ "SHA3-512withECDSAinP1363Format",
+ "sun.security.ec.ECDSASignature$SHA3_512inP1363Format"));
+
+ /*
+ * Key Pair Generator engine
+ */
+ putService(new ProviderService(this, "KeyPairGenerator",
+ "EC", "sun.security.ec.ECKeyPairGenerator",
+ List.of("EllipticCurve"), ATTRS));
+
+ /*
+ * Key Agreement engine
+ */
+ putService(new ProviderService(this, "KeyAgreement",
+ "ECDH", "sun.security.ec.ECDHKeyAgreement", null, ATTRS));
+ }
}
private void putXDHEntries() {
@@ -344,23 +350,25 @@ public final class SunEC extends Provider {
"X448", "sun.security.ec.XDHKeyFactory.X448",
ATTRS));
- putService(new ProviderService(this, "KeyPairGenerator",
- "XDH", "sun.security.ec.XDHKeyPairGenerator", null, ATTRS));
- putService(new ProviderServiceA(this, "KeyPairGenerator",
- "X25519", "sun.security.ec.XDHKeyPairGenerator.X25519",
- ATTRS));
- putService(new ProviderServiceA(this, "KeyPairGenerator",
- "X448", "sun.security.ec.XDHKeyPairGenerator.X448",
- ATTRS));
-
- putService(new ProviderService(this, "KeyAgreement",
- "XDH", "sun.security.ec.XDHKeyAgreement", null, ATTRS));
- putService(new ProviderServiceA(this, "KeyAgreement",
- "X25519", "sun.security.ec.XDHKeyAgreement.X25519",
- ATTRS));
- putService(new ProviderServiceA(this, "KeyAgreement",
- "X448", "sun.security.ec.XDHKeyAgreement.X448",
- ATTRS));
+ if (!systemFipsEnabled) {
+ putService(new ProviderService(this, "KeyPairGenerator",
+ "XDH", "sun.security.ec.XDHKeyPairGenerator", null, ATTRS));
+ putService(new ProviderServiceA(this, "KeyPairGenerator",
+ "X25519", "sun.security.ec.XDHKeyPairGenerator.X25519",
+ ATTRS));
+ putService(new ProviderServiceA(this, "KeyPairGenerator",
+ "X448", "sun.security.ec.XDHKeyPairGenerator.X448",
+ ATTRS));
+
+ putService(new ProviderService(this, "KeyAgreement",
+ "XDH", "sun.security.ec.XDHKeyAgreement", null, ATTRS));
+ putService(new ProviderServiceA(this, "KeyAgreement",
+ "X25519", "sun.security.ec.XDHKeyAgreement.X25519",
+ ATTRS));
+ putService(new ProviderServiceA(this, "KeyAgreement",
+ "X448", "sun.security.ec.XDHKeyAgreement.X448",
+ ATTRS));
+ }
}
private void putEdDSAEntries() {
@@ -375,21 +383,23 @@ public final class SunEC extends Provider {
putService(new ProviderServiceA(this, "KeyFactory",
"Ed448", "sun.security.ec.ed.EdDSAKeyFactory.Ed448", ATTRS));
- putService(new ProviderService(this, "KeyPairGenerator",
- "EdDSA", "sun.security.ec.ed.EdDSAKeyPairGenerator", null, ATTRS));
- putService(new ProviderServiceA(this, "KeyPairGenerator",
- "Ed25519", "sun.security.ec.ed.EdDSAKeyPairGenerator.Ed25519",
- ATTRS));
- putService(new ProviderServiceA(this, "KeyPairGenerator",
- "Ed448", "sun.security.ec.ed.EdDSAKeyPairGenerator.Ed448",
- ATTRS));
-
- putService(new ProviderService(this, "Signature",
- "EdDSA", "sun.security.ec.ed.EdDSASignature", null, ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "Ed25519", "sun.security.ec.ed.EdDSASignature.Ed25519", ATTRS));
- putService(new ProviderServiceA(this, "Signature",
- "Ed448", "sun.security.ec.ed.EdDSASignature.Ed448", ATTRS));
+ if (!systemFipsEnabled) {
+ putService(new ProviderService(this, "KeyPairGenerator",
+ "EdDSA", "sun.security.ec.ed.EdDSAKeyPairGenerator", null, ATTRS));
+ putService(new ProviderServiceA(this, "KeyPairGenerator",
+ "Ed25519", "sun.security.ec.ed.EdDSAKeyPairGenerator.Ed25519",
+ ATTRS));
+ putService(new ProviderServiceA(this, "KeyPairGenerator",
+ "Ed448", "sun.security.ec.ed.EdDSAKeyPairGenerator.Ed448",
+ ATTRS));
+
+ putService(new ProviderService(this, "Signature",
+ "EdDSA", "sun.security.ec.ed.EdDSASignature", null, ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "Ed25519", "sun.security.ec.ed.EdDSASignature.Ed25519", ATTRS));
+ putService(new ProviderServiceA(this, "Signature",
+ "Ed448", "sun.security.ec.ed.EdDSASignature.Ed448", ATTRS));
+ }
}
}