Re: RFR: 8353113: Peer supported certificate signature algorithms are not being checked with default SunX509 key manager [v5]

Fri, 13 Jun 2025 07:46:33 -0700 

> When the deafult SunX509KeyManagerImpl is being used we are in violation of 
> TLSv1.3 RFC spec because we ignore peer supported certificate signatures sent 
> to us in "signature_algorithms"/"signature_algorithms_cert" extensions:
> https://datatracker.ietf.org/doc/html/rfc8446#section-4.4.2.2
> https://datatracker.ietf.org/doc/html/rfc8446#section-4.4.2.3
> 
> X509KeyManagerImpl on the other hand includes the algorithms sent by the peer 
> in "signature_algorithms_cert" extension (or in "signature_algorithms" 
> extension when "signature_algorithms_cert" extension isn't present) in the 
> algorithm constraints being checked.
> 
> **SUNX509 KeyManager performance before change**
> Benchmark                                    (resume)  (tlsVersion)   Mode  
> Cnt      Score     Error  Units
> SSLHandshake.doHandshake      true       TLSv1.2  thrpt   15  19758.012 ± 
> 758.237  ops/s
> SSLHandshake.doHandshake      true           TLS  thrpt   15   1861.695 ±  
> 14.681  ops/s
> SSLHandshake.doHandshake     false       TLSv1.2  thrpt   15   **1186.962** ± 
>  12.085  ops/s
> SSLHandshake.doHandshake     false           TLS  thrpt   15   **1056.288** ± 
>   7.197  ops/s
> 
> **SUNX509 KeyManager performance after change**
> Benchmark                 (resume)  (tlsVersion)   Mode  Cnt      Score     
> Error  Units
> SSLHandshake.doHandshake      true       TLSv1.2  thrpt   15  20954.399 ± 
> 260.817  ops/s
> SSLHandshake.doHandshake      true           TLS  thrpt   15   1813.401 ±  
> 13.917  ops/s
> SSLHandshake.doHandshake     false       TLSv1.2  thrpt   15   **1158.190** ± 
>   6.023  ops/s
> SSLHandshake.doHandshake     false           TLS  thrpt   15   **1012.988** ± 
>  10.943  ops/s

Artur Barashev has updated the pull request with a new target base due to a 
merge or a rebase. The incremental webrev excludes the unrelated changes 
brought in by the merge/rebase. The pull request contains 19 additional commits 
since the last revision:

 - Support certificate checks in SunX509 key manager
 - Address some review comments
 - Merge branch 'master' into JDK-8353113
 - Make the test run on TLSv1.3
 - Make sure the exception happens during KeyManager's algorithm check
 - Add PeerConstraintsCheck unit test
 - Add unit test
 - Code refactoring
 - Fix open unit tests
 - Adding a system property to skip the constraints checking. Remove SunX509c.
 - ... and 9 more: https://git.openjdk.org/jdk/compare/5479addb...448442e9

-------------

Changes:
  - all: https://git.openjdk.org/jdk/pull/25016/files
  - new: https://git.openjdk.org/jdk/pull/25016/files/451e1efd..448442e9

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=jdk&pr=25016&range=04
 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=25016&range=03-04

  Stats: 228571 lines in 4300 files changed: 142799 ins; 58830 del; 26942 mod
  Patch: https://git.openjdk.org/jdk/pull/25016.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/25016/head:pull/25016

PR: https://git.openjdk.org/jdk/pull/25016

Reply via email to