diff --git a/SOURCES/jdk8223482-rh1860965-tls_offers_unsupported_ciphers.patch b/SOURCES/jdk8223482-rh1860965-tls_offers_unsupported_ciphers.patch new file mode 100644 index 0000000..e5f54c7 --- /dev/null +++ b/SOURCES/jdk8223482-rh1860965-tls_offers_unsupported_ciphers.patch 
@@ -0,0 +1,128 @@ +# HG changeset patch +# User mbalao +# Date 1559080898 10800 +# Tue May 28 19:01:38 2019 -0300 +# Node ID 3ba9c532128b1feccf59ab8ce812b1fce2b6f681 +# Parent 056a435ab5447c33aab61dd9179a67781e99c35d +8223482: Unsupported ciphersuites may be offered by a TLS client +Reviewed-by: andrew + +diff --git openjdk.orig/jdk/src/share/classes/sun/security/ssl/CipherSuite.java openjdk/jdk/src/share/classes/sun/security/ssl/CipherSuite.java +--- openjdk.orig/jdk/src/share/classes/sun/security/ssl/CipherSuite.java ++++ openjdk/jdk/src/share/classes/sun/security/ssl/CipherSuite.java +@@ -34,6 +34,7 @@ + import java.security.KeyManagementException; + + import javax.crypto.Cipher; ++import javax.crypto.NoSuchPaddingException; + import javax.crypto.SecretKey; + import javax.crypto.spec.IvParameterSpec; + import javax.crypto.spec.SecretKeySpec; +@@ -69,6 +70,8 @@ + */ + final class CipherSuite implements Comparable { + ++ private static final Debug debug = Debug.getInstance("ssl"); ++ + // minimum priority for supported CipherSuites + final static int SUPPORTED_SUITES_PRIORITY = 1; + +@@ -451,6 +454,22 @@ + } + } + ++ private static boolean isTransformationAvailable(String transformation) { ++ if (transformation.equals("NULL")) { ++ return true; ++ } ++ try { ++ Cipher.getInstance(transformation); ++ return true; ++ } catch (NoSuchAlgorithmException | NoSuchPaddingException e) { ++ if (debug != null && Debug.isOn("ssl")) { ++ System.out.println("Transformation " + transformation + " is" + ++ " not available."); ++ } ++ } ++ return false; ++ } ++ + BulkCipher(String transformation, CipherType cipherType, int keySize, + int expandedKeySize, int ivSize, + int fixedIvSize, boolean allowed) { +@@ -470,14 +489,10 @@ + + // availability of this bulk cipher + // +- // Currently all supported ciphers except AES are always available +- // via the JSSE internal implementations. 
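Review bot: The new `isTransformationAvailable()` helper in CipherSuite.java has no comment saying when the probe runs, and the timing is security-relevant. Both BulkCipher constructors store the result in the `isAvailable` field, so the answer reflects the JCE providers registered when the BulkCipher object is constructed. If these objects are built once at class initialisation (not visible in the hunk), a provider added or removed later would not change which suites the client offers. `Cipher.getInstance(transformation)` also succeeds when any registered provider has the transformation, which may not be the provider the handshake ends up using. I would put a comment above the method such as `// Probed once at construction against the providers registered at that time; the result is cached in isAvailable.`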
We also assume AES/128 of +- // CBC mode is always available since it is shipped with the SunJCE +- // provider. However, AES/256 is unavailable when the default JCE +- // policy jurisdiction files are installed because of key length +- // restrictions. +- this.isAvailable = +- allowed ? isUnlimited(keySize, transformation) : false; ++ // AES/256 is unavailable when the default JCE policy jurisdiction files ++ // are installed because of key length restrictions. ++ this.isAvailable = allowed && isUnlimited(keySize, transformation) && ++ isTransformationAvailable(transformation); + } + + BulkCipher(String transformation, CipherType cipherType, int keySize, +@@ -497,14 +512,11 @@ + + // availability of this bulk cipher + // +- // Currently all supported ciphers except AES are always available +- // via the JSSE internal implementations. We also assume AES/128 of +- // CBC mode is always available since it is shipped with the SunJCE +- // provider. However, AES/256 is unavailable when the default JCE +- // policy jurisdiction files are installed because of key length +- // restrictions. ++ // AES/256 is unavailable when the default JCE policy jurisdiction files ++ // are installed because of key length restrictions. + this.isAvailable = +- allowed ? isUnlimited(keySize, transformation) : false; ++ allowed ? 
isUnlimited(keySize, transformation) && ++ isTransformationAvailable(transformation) : false; + } + + /** +diff --git openjdk.orig/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java +--- openjdk.orig/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java ++++ openjdk/jdk/src/share/classes/sun/security/ssl/SSLContextImpl.java +@@ -339,7 +339,8 @@ + + if (suite.isAvailable() && + suite.obsoleted > protocols.min.v && +- suite.supported <= protocols.max.v) { ++ suite.supported <= protocols.max.v && ++ suite.cipher.isAvailable()) { + if (SSLAlgorithmConstraints.DEFAULT.permits( + EnumSet.of(CryptoPrimitive.KEY_AGREEMENT), + suite.name, null)) { +diff --git openjdk.orig/jdk/test/sun/security/pkcs11/fips/TestTLS12.java openjdk/jdk/test/sun/security/pkcs11/fips/TestTLS12.java +--- openjdk.orig/jdk/test/sun/security/pkcs11/fips/TestTLS12.java ++++ openjdk/jdk/test/sun/security/pkcs11/fips/TestTLS12.java +@@ -372,15 +372,20 @@ + + private static SSLEngine[][] getSSLEnginesToTest() throws Exception { + SSLEngine[][] enginesToTest = new SSLEngine[2][2]; ++ // TLS_RSA_WITH_AES_128_GCM_SHA256 ciphersuite is available but ++ // must not be chosen for the TLS connection if not supported. ++ // See JDK-8222937. + String[][] preferredSuites = new String[][]{ new String[] { ++ "TLS_RSA_WITH_AES_128_GCM_SHA256", + "TLS_RSA_WITH_AES_128_CBC_SHA256" + }, new String[] { ++ "TLS_RSA_WITH_AES_128_GCM_SHA256", + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" + }}; + for (int i = 0; i < enginesToTest.length; i++) { + enginesToTest[i][0] = createSSLEngine(true); + enginesToTest[i][1] = createSSLEngine(false); +- enginesToTest[i][0].setEnabledCipherSuites(preferredSuites[i]); ++ // All CipherSuites enabled for the client. + enginesToTest[i][1].setEnabledCipherSuites(preferredSuites[i]); + } + return enginesToTest; 
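Review bot: The second BulkCipher constructor (hunk `-497,14 +512,11`) keeps the `allowed ? … : false` ternary, while the first constructor in the same patch was rewritten to a plain `&&` chain, so two assignments meant to be identical now read differently. Writing both the same way makes it obvious at a glance that neither path skips the provider probe: `this.isAvailable = allowed && isUnlimited(keySize, transformation) && isTransformationAvailable(transformation);`. The constructor body starts outside the hunk.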
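Review bot: In SSLContextImpl.java the added `suite.cipher.isAvailable()` clause sits in the same condition as `suite.isAvailable()`, with no comment explaining why both are needed. `CipherSuite.isAvailable()` is outside this hunk, so it is not possible to tell from here whether it already consults the bulk cipher. If it does, the new clause is redundant; if it does not, the reason belongs next to the check, for example `// bulk cipher may be missing from the configured providers (JDK-8223482)`. The enclosing method begins and ends outside the hunk.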
diff --git a/SOURCES/jdk8251117-rh1860990-pkcs11_key_length.patch b/SOURCES/jdk8251117-rh1860990-pkcs11_key_length.patch new file mode 100644 index 0000000..e17990f --- /dev/null +++ b/SOURCES/jdk8251117-rh1860990-pkcs11_key_length.patch @@ -0,0 +1,24 @@ +# HG changeset patch +# User mbalao +# Date 1596572361 10800 +# Tue Aug 04 17:19:21 2020 -0300 +# Node ID d8a0513b92ee262d4e64c1e13d43e1b3f3e5c5d5 +# Parent a259b5b1bc7cc4dd0d8fa19e8bdbf96a4e76224f +8251117: Cannot check P11Key size in P11Cipher and P11AEADCipher +Reviewed-by: andrew +Contributed-by: zzambers@redhat.com + +diff --git openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java +--- openjdk.orig/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java ++++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java +@@ -345,7 +345,9 @@ + SecureRandom random) + throws InvalidKeyException, InvalidAlgorithmParameterException { + reset(true); +- if (fixedKeySize != -1 && key.getEncoded().length != fixedKeySize) { ++ if (fixedKeySize != -1 && ++ ((key instanceof P11Key) ? ((P11Key) key).length() >> 3 : ++ key.getEncoded().length) != fixedKeySize) { + throw new InvalidKeyException("Key size is invalid"); + } + switch (opmode) { diff --git a/SPECS/java-1.8.0-openjdk.spec b/SPECS/java-1.8.0-openjdk.spec index 28056a9..92e04fa 100644 --- a/SPECS/java-1.8.0-openjdk.spec +++ b/SPECS/java-1.8.0-openjdk.spec @@ -244,7 +244,7 @@ %global updatever %(VERSION=%{whole_update}; echo ${VERSION##*u}) # eg jdk8u60-b27 -> b27 %global buildver %(VERSION=%{version_tag}; echo ${VERSION##*-}) -%global rpmrelease 1 +%global rpmrelease 3 # Define milestone (EA for pre-releases, GA ("fcs") for releases) # Release will be (where N is usually a number starting at 1): # - 0.N%%{?extraver}%%{?dist} for EA releases, 
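Review bot: In the P11Cipher.java hunk the fallback branch still dereferences `key.getEncoded()` without a null check. The patch handles `P11Key`, but any other key type whose encoding is unavailable (a non-extractable key from another provider, say) would raise a NullPointerException here rather than the declared InvalidKeyException. The `>> 3` conversion also truncates silently if `length()` ever reports a bit count that is not a multiple of eight or a negative "unknown" value; whether it can is not visible from this hunk. Splitting the condition into an explicit size computation makes both cases visible and keeps the failure inside the declared exception type. The enclosing method starts and ends outside the hunk.

```java
reset(true);
if (fixedKeySize != -1) {
    int keyBytes;
    if (key instanceof P11Key) {
        // P11Key reports its length in bits; the encoding may not be extractable
        keyBytes = ((P11Key) key).length() >> 3;
    } else {
        byte[] encoded = key.getEncoded();
        if (encoded == null) {
            throw new InvalidKeyException("Key encoding is not available");
        }
        keyBytes = encoded.length;
    }
    if (keyBytes != fixedKeySize) {
        throw new InvalidKeyException("Key size is invalid");
    }
}
// … unchanged: switch (opmode) …
```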
@@ -1142,6 +1142,8 @@ Patch1001: rh1655466-global_crypto_and_fips.patch Patch1002: rh1760838-fips_default_keystore_type.patch # RH1582504: Use RSA as default for keytool, as DSA is disabled in all crypto policies except LEGACY Patch1003: rh1582504-rsa_default_for_keytool.patch +# JDK-8223482, RH1860965: Unsupported ciphersuites may be offered by a TLS client +Patch1004: jdk8223482-rh1860965-tls_offers_unsupported_ciphers.patch ############################################# # @@ -1228,6 +1230,9 @@ Patch204: jdk8042159-allow_using_system_installed_lcms2-jdk.patch Patch579: jdk8165996-pr3506-rh1760437-nss_sqlite_db.patch # JDK-8195607, PR3776, RH1760437: sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1 Patch580: jdk8195607-pr3776-rh1760437-nss_sqlite_db_config.patch +# JDK-8251117, RH1860990: Cannot check P11Key size in P11Cipher and P11AEADCipher +# RPM version excludes changes to P11AEADCipher as JDK-8080462 is not yet in 8u +Patch581: jdk8251117-rh1860990-pkcs11_key_length.patch ############################################# # @@ -1658,6 +1663,7 @@ sh %{SOURCE12} %patch577 %patch579 %patch580 +%patch581 # RPM-only fixes %patch539 @@ -1665,6 +1671,7 @@ sh %{SOURCE12} %patch1001 %patch1002 %patch1003 +%patch1004 # RHEL-only patches %if ! 0%{?fedora} && 0%{?rhel} <= 7 @@ -2350,6 +2357,14 @@ require "copy_jdk_configs.lua" %endif %changelog +* Tue Aug 25 2020 Andrew Hughes - 1:1.8.0.265.b01-3 +- Add backport of JDK-8251117 to allow key length to be retrieved from PKCS#11 FIPS keys +- Resolves: rhbz#1860993 + +* Tue Aug 25 2020 Andrew Hughes - 1:1.8.0.265.b01-2 +- Add backport of JDK-8223482 so PKCS#11 FIPS provider does not offer unsupported ciphers. +- Resolves: rhbz#1860965 + * Mon Jul 27 2020 Andrew Hughes - 1:1.8.0.265.b01-1 - Update to aarch64-shenandoah-jdk8u265-b01. - Update release notes for 8u265 release.