From 0e6afcd263f74284547b1bf0a70523637ae33c0f Mon Sep 17 00:00:00 2001 From: rpatil Date: Tue, 17 Oct 2017 10:45:18 +0530 Subject: [PATCH] 8185909: Disable JARs signed with DSA keys less than 1024 bits Reviewed-by: mullan, coffeys Contributed-by: prasadarao.koppula@oracle.com --- src/share/lib/security/java.security-aix | 2 +- src/share/lib/security/java.security-linux | 2 +- src/share/lib/security/java.security-macosx | 2 +- src/share/lib/security/java.security-solaris | 2 +- src/share/lib/security/java.security-windows | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/share/lib/security/java.security-aix b/src/share/lib/security/java.security-aix index 1d7a8d981..22b4698f5 100644 --- a/src/share/lib/security/java.security-aix +++ b/src/share/lib/security/java.security-aix @@ -585,7 +585,7 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security diff --git a/src/share/lib/security/java.security-linux b/src/share/lib/security/java.security-linux index 9643a099a..5ea9123a5 100644 --- a/src/share/lib/security/java.security-linux +++ b/src/share/lib/security/java.security-linux @@ -585,7 +585,7 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security diff --git a/src/share/lib/security/java.security-macosx b/src/share/lib/security/java.security-macosx index 84fcdbec4..f3b4daf82 100644 --- a/src/share/lib/security/java.security-macosx +++ b/src/share/lib/security/java.security-macosx @@ -588,7 +588,7 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security diff --git a/src/share/lib/security/java.security-solaris b/src/share/lib/security/java.security-solaris index 2d53ad050..17d066b2e 100644 --- a/src/share/lib/security/java.security-solaris +++ b/src/share/lib/security/java.security-solaris @@ -587,7 +587,7 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security diff --git a/src/share/lib/security/java.security-windows b/src/share/lib/security/java.security-windows index d7db1d389..721696f82 100644 --- a/src/share/lib/security/java.security-windows +++ b/src/share/lib/security/java.security-windows @@ -588,7 +588,7 @@ jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ # # See "jdk.certpath.disabledAlgorithms" for syntax descriptions. # -jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024 +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024 # # Algorithm restrictions for Secure Socket Layer/Transport Layer Security -- GitLab