annotate src/share/lib/security/java.security-macosx @ 12028:75f31e0bd829

8156804: Better constraint checking Summary: Apply serialization filtering to RMI Registry and DGC Reviewed-by: dfuchs, ahgross
author rriggs
date Fri, 07 Oct 2016 15:43:53 -0400
parents 09c05d3bf23e
children ae14b213f964
michaelm@5116 1 #
michaelm@5116 2 # This is the "master security properties file".
michaelm@5116 3 #
mullan@5591 4 # An alternate java.security properties file may be specified
mullan@5591 5 # from the command line via the system property
mullan@5591 6 #
mullan@5591 7 # -Djava.security.properties=<URL>
mullan@5591 8 #
mullan@5591 9 # This properties file appends to the master security properties file.
mullan@5591 10 # If both properties files specify values for the same key, the value
mullan@5591 11 # from the command-line properties file is selected, as it is the last
mullan@5591 12 # one loaded.
mullan@5591 13 #
mullan@5591 14 # Also, if you specify
mullan@5591 15 #
mullan@5591 16 # -Djava.security.properties==<URL> (2 equals),
mullan@5591 17 #
mullan@5591 18 # then that properties file completely overrides the master security
mullan@5591 19 # properties file.
mullan@5591 20 #
mullan@5591 21 # To disable the ability to specify an additional properties file from
mullan@5591 22 # the command line, set the key security.overridePropertiesFile
mullan@5591 23 # to false in the master security properties file. It is set to true
mullan@5591 24 # by default.
mullan@5591 25
michaelm@5116 26 # In this file, various security properties are set for use by
michaelm@5116 27 # java.security classes. This is where users can statically register
michaelm@5116 28 # Cryptography Package Providers ("providers" for short). The term
michaelm@5116 29 # "provider" refers to a package or set of packages that supply a
michaelm@5116 30 # concrete implementation of a subset of the cryptography aspects of
michaelm@5116 31 # the Java Security API. A provider may, for example, implement one or
michaelm@5116 32 # more digital signature algorithms or message digest algorithms.
michaelm@5116 33 #
michaelm@5116 34 # Each provider must implement a subclass of the Provider class.
michaelm@5116 35 # To register a provider in this master security properties file,
michaelm@5116 36 # specify the Provider subclass name and priority in the format
michaelm@5116 37 #
michaelm@5116 38 # security.provider.<n>=<className>
michaelm@5116 39 #
michaelm@5116 40 # This declares a provider, and specifies its preference
michaelm@5116 41 # order n. The preference order is the order in which providers are
michaelm@5116 42 # searched for requested algorithms (when no specific provider is
michaelm@5116 43 # requested). The order is 1-based; 1 is the most preferred, followed
michaelm@5116 44 # by 2, and so on.
michaelm@5116 45 #
michaelm@5116 46 # <className> must specify the subclass of the Provider class whose
michaelm@5116 47 # constructor sets the values of various properties that are required
michaelm@5116 48 # for the Java Security API to look up the algorithms or other
michaelm@5116 49 # facilities implemented by the provider.
michaelm@5116 50 #
michaelm@5116 51 # There must be at least one provider specification in java.security.
michaelm@5116 52 # There is a default provider that comes standard with the JDK. It
michaelm@5116 53 # is called the "SUN" provider, and its Provider subclass
michaelm@5116 54 # named Sun appears in the sun.security.provider package. Thus, the
michaelm@5116 55 # "SUN" provider is registered via the following:
michaelm@5116 56 #
michaelm@5116 57 # security.provider.1=sun.security.provider.Sun
michaelm@5116 58 #
michaelm@5116 59 # (The number 1 is used for the default provider.)
michaelm@5116 60 #
michaelm@5116 61 # Note: Providers can be dynamically registered instead by calls to
michaelm@5116 62 # either the addProvider or insertProviderAt method in the Security
michaelm@5116 63 # class.
michaelm@5116 64
michaelm@5116 65 #
michaelm@5116 66 # List of providers and their preference orders (see above):
michaelm@5116 67 #
michaelm@5116 68 security.provider.1=sun.security.provider.Sun
michaelm@5116 69 security.provider.2=sun.security.rsa.SunRsaSign
michaelm@5116 70 security.provider.3=sun.security.ec.SunEC
michaelm@5116 71 security.provider.4=com.sun.net.ssl.internal.ssl.Provider
michaelm@5116 72 security.provider.5=com.sun.crypto.provider.SunJCE
michaelm@5116 73 security.provider.6=sun.security.jgss.SunProvider
michaelm@5116 74 security.provider.7=com.sun.security.sasl.Provider
michaelm@5116 75 security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI
michaelm@5116 76 security.provider.9=sun.security.smartcardio.SunPCSC
michaelm@5116 77 security.provider.10=apple.security.AppleProvider
michaelm@5116 78
michaelm@5116 79 #
wetmore@6960 80 # Sun Provider SecureRandom seed source.
michaelm@5116 81 #
wetmore@6960 82 # Select the primary source of seed data for the "SHA1PRNG" and
wetmore@6960 83 # "NativePRNG" SecureRandom implementations in the "Sun" provider.
wetmore@6960 84 # (Other SecureRandom implementations might also use this property.)
michaelm@5116 85 #
wetmore@6960 86 # On Unix-like systems (for example, Solaris/Linux/MacOS), the
wetmore@6960 87 # "NativePRNG" and "SHA1PRNG" implementations obtain seed data from
wetmore@6960 88 # special device files such as file:/dev/random.
michaelm@5116 89 #
wetmore@6960 90 # On Windows systems, specifying the URLs "file:/dev/random" or
wetmore@6960 91 # "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding
wetmore@6960 92 # mechanism for SHA1PRNG.
michaelm@5116 93 #
wetmore@6960 94 # By default, an attempt is made to use the entropy gathering device
wetmore@6960 95 # specified by the "securerandom.source" Security property. If an
wetmore@6960 96 # exception occurs while accessing the specified URL:
wetmore@6960 97 #
wetmore@6960 98 # SHA1PRNG:
wetmore@6960 99 # the traditional system/thread activity algorithm will be used.
wetmore@6960 100 #
wetmore@6960 101 # NativePRNG:
wetmore@6960 102 # a default value of /dev/random will be used. If neither
wetmore@6960 103 # is available, the implementation will be disabled.
wetmore@6960 104 # "file" is the only currently supported protocol type.
wetmore@6960 105 #
wetmore@6960 106 # The entropy gathering device can also be specified with the System
wetmore@6960 107 # property "java.security.egd". For example:
wetmore@6960 108 #
wetmore@6960 109 # % java -Djava.security.egd=file:/dev/random MainClass
wetmore@6960 110 #
wetmore@6960 111 # Specifying this System property will override the
wetmore@6960 112 # "securerandom.source" Security property.
wetmore@6960 113 #
wetmore@6960 114 # In addition, if "file:/dev/random" or "file:/dev/urandom" is
wetmore@6960 115 # specified, the "NativePRNG" implementation will be more preferred than
wetmore@6960 116 # SHA1PRNG in the Sun provider.
wetmore@6960 117 #
wetmore@6960 118 securerandom.source=file:/dev/random
wetmore@6960 119
wetmore@6960 120 #
wetmore@6960 121 # A list of known strong SecureRandom implementations.
wetmore@6960 122 #
wetmore@6960 123 # To help guide applications in selecting a suitable strong
wetmore@6960 124 # java.security.SecureRandom implementation, Java distributions should
wetmore@6960 125 # indicate a list of known strong implementations using the property.
wetmore@6960 126 #
wetmore@6960 127 # This is a comma-separated list of algorithm and/or algorithm:provider
wetmore@6960 128 # entries.
wetmore@6960 129 #
wetmore@6960 130 securerandom.strongAlgorithms=NativePRNGBlocking:SUN
michaelm@5116 131
michaelm@5116 132 #
michaelm@5116 133 # Class to instantiate as the javax.security.auth.login.Configuration
michaelm@5116 134 # provider.
michaelm@5116 135 #
mullan@7861 136 login.configuration.provider=sun.security.provider.ConfigFile
michaelm@5116 137
michaelm@5116 138 #
michaelm@5116 139 # Default login configuration file
michaelm@5116 140 #
michaelm@5116 141 #login.config.url.1=file:${user.home}/.java.login.config
michaelm@5116 142
michaelm@5116 143 #
michaelm@5116 144 # Class to instantiate as the system Policy. This is the name of the class
michaelm@5116 145 # that will be used as the Policy object.
michaelm@5116 146 #
michaelm@5116 147 policy.provider=sun.security.provider.PolicyFile
michaelm@5116 148
michaelm@5116 149 # The default is to have a single system-wide policy file,
michaelm@5116 150 # and a policy file in the user's home directory.
michaelm@5116 151 policy.url.1=file:${java.home}/lib/security/java.policy
michaelm@5116 152 policy.url.2=file:${user.home}/.java.policy
michaelm@5116 153
michaelm@5116 154 # Whether or not properties are expanded in the policy file.
michaelm@5116 155 # If this is set to false, properties (${...}) will not be expanded in policy
michaelm@5116 156 # files.
michaelm@5116 157 policy.expandProperties=true
michaelm@5116 158
michaelm@5116 159 # whether or not we allow an extra policy to be passed on the command line
michaelm@5116 160 # with -Djava.security.policy=somefile. Comment out this line to disable
michaelm@5116 161 # this feature.
michaelm@5116 162 policy.allowSystemProperty=true
michaelm@5116 163
michaelm@5116 164 # whether or not we look into the IdentityScope for trusted Identities
michaelm@5116 165 # when encountering a 1.1 signed JAR file. If the identity is found
michaelm@5116 166 # and is trusted, we grant it AllPermission.
michaelm@5116 167 policy.ignoreIdentityScope=false
michaelm@5116 168
michaelm@5116 169 #
michaelm@5116 170 # Default keystore type.
michaelm@5116 171 #
michaelm@5116 172 keystore.type=jks
michaelm@5116 173
michaelm@5116 174 #
vinnie@10895 175 # Controls compatibility mode for the JKS keystore type.
vinnie@10895 176 #
vinnie@10895 177 # When set to 'true', the JKS keystore type supports loading
vinnie@10895 178 # keystore files in either JKS or PKCS12 format. When set to 'false'
vinnie@10895 179 # it supports loading only JKS keystore files.
vinnie@10895 180 #
vinnie@10895 181 keystore.type.compat=true
vinnie@10895 182
vinnie@10895 183 #
michaelm@5116 184 # List of comma-separated package prefixes. A package name that starts
michaelm@5116 185 # with or equals one of these strings will cause a security exception
michaelm@5116 186 # to be thrown when passed to checkPackageAccess unless the
michaelm@5116 187 # corresponding RuntimePermission ("accessClassInPackage."+package) has
michaelm@5116 188 # been granted.
mullan@6721 189 package.access=sun.,\
mkos@6940 190 com.sun.xml.internal.,\
mullan@6721 191 com.sun.imageio.,\
mchung@6739 192 com.sun.istack.internal.,\
dfuchs@6747 193 com.sun.jmx.,\
mullan@7963 194 com.sun.media.sound.,\
weijun@9023 195 com.sun.naming.internal.,\
mchung@6746 196 com.sun.proxy.,\
alanb@8604 197 com.sun.corba.se.,\
joehw@6939 198 com.sun.org.apache.bcel.internal.,\
joehw@6939 199 com.sun.org.apache.regexp.internal.,\
joehw@6939 200 com.sun.org.apache.xerces.internal.,\
joehw@6939 201 com.sun.org.apache.xpath.internal.,\
joehw@6939 202 com.sun.org.apache.xalan.internal.extensions.,\
joehw@6939 203 com.sun.org.apache.xalan.internal.lib.,\
joehw@6939 204 com.sun.org.apache.xalan.internal.res.,\
joehw@6939 205 com.sun.org.apache.xalan.internal.templates.,\
mullan@6721 206 com.sun.org.apache.xalan.internal.utils.,\
joehw@6939 207 com.sun.org.apache.xalan.internal.xslt.,\
joehw@6939 208 com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
joehw@6939 209 com.sun.org.apache.xalan.internal.xsltc.compiler.,\
joehw@6939 210 com.sun.org.apache.xalan.internal.xsltc.trax.,\
joehw@6939 211 com.sun.org.apache.xalan.internal.xsltc.util.,\
joehw@6939 212 com.sun.org.apache.xml.internal.res.,\
mullan@7449 213 com.sun.org.apache.xml.internal.security.,\
joehw@6939 214 com.sun.org.apache.xml.internal.serializer.utils.,\
joehw@6939 215 com.sun.org.apache.xml.internal.utils.,\
mullan@6938 216 com.sun.org.glassfish.,\
alanb@6870 217 com.oracle.xmlns.internal.,\
alanb@6870 218 com.oracle.webservices.internal.,\
mullan@8469 219 oracle.jrockit.jfr.,\
mullan@7449 220 org.jcp.xml.dsig.internal.,\
chegar@6946 221 jdk.internal.,\
chegar@6946 222 jdk.nashorn.internal.,\
chegar@6946 223 jdk.nashorn.tools.,\
mkos@9252 224 com.sun.activation.registries.,\
mullan@8469 225 apple.
michaelm@5116 226
michaelm@5116 227 #
michaelm@5116 228 # List of comma-separated package prefixes. A package name that starts
michaelm@5116 229 # with or equals one of these strings will cause a security exception
michaelm@5116 230 # to be thrown when passed to checkPackageDefinition unless the
michaelm@5116 231 # corresponding RuntimePermission ("defineClassInPackage."+package) has
michaelm@5116 232 # been granted.
michaelm@5116 233 #
asaha@5565 234 # by default, none of the class loaders supplied with the JDK call
asaha@5565 235 # checkPackageDefinition.
michaelm@5116 236 #
mullan@6721 237 package.definition=sun.,\
mkos@6940 238 com.sun.xml.internal.,\
mullan@6721 239 com.sun.imageio.,\
mchung@6739 240 com.sun.istack.internal.,\
dfuchs@6747 241 com.sun.jmx.,\
mullan@7963 242 com.sun.media.sound.,\
weijun@9023 243 com.sun.naming.internal.,\
mchung@6746 244 com.sun.proxy.,\
alanb@8604 245 com.sun.corba.se.,\
joehw@6939 246 com.sun.org.apache.bcel.internal.,\
joehw@6939 247 com.sun.org.apache.regexp.internal.,\
joehw@6939 248 com.sun.org.apache.xerces.internal.,\
joehw@6939 249 com.sun.org.apache.xpath.internal.,\
joehw@6939 250 com.sun.org.apache.xalan.internal.extensions.,\
joehw@6939 251 com.sun.org.apache.xalan.internal.lib.,\
joehw@6939 252 com.sun.org.apache.xalan.internal.res.,\
joehw@6939 253 com.sun.org.apache.xalan.internal.templates.,\
mullan@6721 254 com.sun.org.apache.xalan.internal.utils.,\
joehw@6939 255 com.sun.org.apache.xalan.internal.xslt.,\
joehw@6939 256 com.sun.org.apache.xalan.internal.xsltc.cmdline.,\
joehw@6939 257 com.sun.org.apache.xalan.internal.xsltc.compiler.,\
joehw@6939 258 com.sun.org.apache.xalan.internal.xsltc.trax.,\
joehw@6939 259 com.sun.org.apache.xalan.internal.xsltc.util.,\
joehw@6939 260 com.sun.org.apache.xml.internal.res.,\
mullan@7449 261 com.sun.org.apache.xml.internal.security.,\
joehw@6939 262 com.sun.org.apache.xml.internal.serializer.utils.,\
joehw@6939 263 com.sun.org.apache.xml.internal.utils.,\
mullan@6938 264 com.sun.org.glassfish.,\
alanb@6870 265 com.oracle.xmlns.internal.,\
alanb@6870 266 com.oracle.webservices.internal.,\
mullan@8469 267 oracle.jrockit.jfr.,\
mullan@7449 268 org.jcp.xml.dsig.internal.,\
chegar@6946 269 jdk.internal.,\
chegar@6946 270 jdk.nashorn.internal.,\
chegar@6946 271 jdk.nashorn.tools.,\
mkos@9252 272 com.sun.activation.registries.,\
mullan@8469 273 apple.
michaelm@5116 274
michaelm@5116 275 #
michaelm@5116 276 # Determines whether this properties file can be appended to
michaelm@5116 277 # or overridden on the command line via -Djava.security.properties
michaelm@5116 278 #
michaelm@5116 279 security.overridePropertiesFile=true
michaelm@5116 280
michaelm@5116 281 #
michaelm@5116 282 # Determines the default key and trust manager factory algorithms for
michaelm@5116 283 # the javax.net.ssl package.
michaelm@5116 284 #
michaelm@5116 285 ssl.KeyManagerFactory.algorithm=SunX509
michaelm@5116 286 ssl.TrustManagerFactory.algorithm=PKIX
michaelm@5116 287
michaelm@5116 288 #
michaelm@5116 289 # The Java-level namelookup cache policy for successful lookups:
michaelm@5116 290 #
michaelm@5116 291 # any negative value: caching forever
michaelm@5116 292 # any positive value: the number of seconds to cache an address for
michaelm@5116 293 # zero: do not cache
michaelm@5116 294 #
michaelm@5116 295 # The default value is forever (FOREVER). For security reasons, this
michaelm@5116 296 # caching is made forever when a security manager is set. When a security
michaelm@5116 297 # manager is not set, the default behavior in this implementation
michaelm@5116 298 # is to cache for 30 seconds.
michaelm@5116 299 #
michaelm@5116 300 # NOTE: setting this to anything other than the default value can have
michaelm@5116 301 # serious security implications. Do not set it unless
michaelm@5116 302 # you are sure you are not exposed to DNS spoofing attacks.
michaelm@5116 303 #
michaelm@5116 304 #networkaddress.cache.ttl=-1
michaelm@5116 305
michaelm@5116 306 # The Java-level namelookup cache policy for failed lookups:
michaelm@5116 307 #
michaelm@5116 308 # any negative value: cache forever
michaelm@5116 309 # any positive value: the number of seconds to cache negative lookup results
michaelm@5116 310 # zero: do not cache
michaelm@5116 311 #
michaelm@5116 312 # In some Microsoft Windows networking environments that employ
michaelm@5116 313 # the WINS name service in addition to DNS, name service lookups
michaelm@5116 314 # that fail may take a noticeably long time to return (approx. 5 seconds).
michaelm@5116 315 # For this reason the default caching policy is to maintain these
michaelm@5116 316 # results for 10 seconds.
michaelm@5116 317 #
michaelm@5116 318 #
michaelm@5116 319 networkaddress.cache.negative.ttl=10
michaelm@5116 320
michaelm@5116 321 #
michaelm@5116 322 # Properties to configure OCSP for certificate revocation checking
michaelm@5116 323 #
michaelm@5116 324
michaelm@5116 325 # Enable OCSP
michaelm@5116 326 #
michaelm@5116 327 # By default, OCSP is not used for certificate revocation checking.
michaelm@5116 328 # This property enables the use of OCSP when set to the value "true".
michaelm@5116 329 #
michaelm@5116 330 # NOTE: SocketPermission is required to connect to an OCSP responder.
michaelm@5116 331 #
michaelm@5116 332 # Example,
michaelm@5116 333 # ocsp.enable=true
michaelm@5116 334
michaelm@5116 335 #
michaelm@5116 336 # Location of the OCSP responder
michaelm@5116 337 #
michaelm@5116 338 # By default, the location of the OCSP responder is determined implicitly
michaelm@5116 339 # from the certificate being validated. This property explicitly specifies
michaelm@5116 340 # the location of the OCSP responder. The property is used when the
michaelm@5116 341 # Authority Information Access extension (defined in RFC 3280) is absent
michaelm@5116 342 # from the certificate or when it requires overriding.
michaelm@5116 343 #
michaelm@5116 344 # Example,
michaelm@5116 345 # ocsp.responderURL=http://ocsp.example.net:80
michaelm@5116 346
michaelm@5116 347 #
michaelm@5116 348 # Subject name of the OCSP responder's certificate
michaelm@5116 349 #
michaelm@5116 350 # By default, the certificate of the OCSP responder is that of the issuer
michaelm@5116 351 # of the certificate being validated. This property identifies the certificate
michaelm@5116 352 # of the OCSP responder when the default does not apply. Its value is a string
michaelm@5116 353 # distinguished name (defined in RFC 2253) which identifies a certificate in
michaelm@5116 354 # the set of certificates supplied during cert path validation. In cases where
michaelm@5116 355 # the subject name alone is not sufficient to uniquely identify the certificate
michaelm@5116 356 # then both the "ocsp.responderCertIssuerName" and
michaelm@5116 357 # "ocsp.responderCertSerialNumber" properties must be used instead. When this
michaelm@5116 358 # property is set then those two properties are ignored.
michaelm@5116 359 #
michaelm@5116 360 # Example,
michaelm@5116 361 # ocsp.responderCertSubjectName="CN=OCSP Responder, O=XYZ Corp"
michaelm@5116 362
michaelm@5116 363 #
michaelm@5116 364 # Issuer name of the OCSP responder's certificate
michaelm@5116 365 #
michaelm@5116 366 # By default, the certificate of the OCSP responder is that of the issuer
michaelm@5116 367 # of the certificate being validated. This property identifies the certificate
michaelm@5116 368 # of the OCSP responder when the default does not apply. Its value is a string
michaelm@5116 369 # distinguished name (defined in RFC 2253) which identifies a certificate in
michaelm@5116 370 # the set of certificates supplied during cert path validation. When this
michaelm@5116 371 # property is set then the "ocsp.responderCertSerialNumber" property must also
michaelm@5116 372 # be set. When the "ocsp.responderCertSubjectName" property is set then this
michaelm@5116 373 # property is ignored.
michaelm@5116 374 #
michaelm@5116 375 # Example,
michaelm@5116 376 # ocsp.responderCertIssuerName="CN=Enterprise CA, O=XYZ Corp"
michaelm@5116 377
michaelm@5116 378 #
michaelm@5116 379 # Serial number of the OCSP responder's certificate
michaelm@5116 380 #
michaelm@5116 381 # By default, the certificate of the OCSP responder is that of the issuer
michaelm@5116 382 # of the certificate being validated. This property identifies the certificate
michaelm@5116 383 # of the OCSP responder when the default does not apply. Its value is a string
michaelm@5116 384 # of hexadecimal digits (colon or space separators may be present) which
michaelm@5116 385 # identifies a certificate in the set of certificates supplied during cert path
michaelm@5116 386 # validation. When this property is set then the "ocsp.responderCertIssuerName"
michaelm@5116 387 # property must also be set. When the "ocsp.responderCertSubjectName" property
michaelm@5116 388 # is set then this property is ignored.
michaelm@5116 389 #
michaelm@5116 390 # Example,
michaelm@5116 391 # ocsp.responderCertSerialNumber=2A:FF:00
michaelm@5116 392
michaelm@5116 393 #
michaelm@5116 394 # Policy for failed Kerberos KDC lookups:
michaelm@5116 395 #
michaelm@5116 396 # When a KDC is unavailable (network error, service failure, etc), it is
michaelm@5116 397 # put inside a blacklist and accessed less often for future requests. The
michaelm@5116 398 # value (case-insensitive) for this policy can be:
michaelm@5116 399 #
michaelm@5116 400 # tryLast
michaelm@5116 401 # KDCs in the blacklist are always tried after those not on the list.
michaelm@5116 402 #
michaelm@5116 403 # tryLess[:max_retries,timeout]
michaelm@5116 404 # KDCs in the blacklist are still tried by their order in the configuration,
michaelm@5116 405 # but with smaller max_retries and timeout values. max_retries and timeout
michaelm@5116 406 # are optional numerical parameters (default 1 and 5000, which means once
michaelm@5116 407 # and 5 seconds). Please note that if any of the values defined here is
michaelm@5116 408 # greater than what is defined in krb5.conf, it will be ignored.
michaelm@5116 409 #
michaelm@5116 410 # Whenever a KDC is detected as available, it is removed from the blacklist.
michaelm@5116 411 # The blacklist is reset when krb5.conf is reloaded. You can add
michaelm@5116 412 # refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is
michaelm@5116 413 # reloaded whenever a JAAS authentication is attempted.
michaelm@5116 414 #
michaelm@5116 415 # Example,
michaelm@5116 416 # krb5.kdc.bad.policy = tryLast
michaelm@5116 417 # krb5.kdc.bad.policy = tryLess:2,2000
michaelm@5116 418 krb5.kdc.bad.policy = tryLast
michaelm@5116 419
michaelm@5116 420 # Algorithm restrictions for certification path (CertPath) processing
michaelm@5116 421 #
michaelm@5116 422 # In some environments, certain algorithms or key lengths may be undesirable
michaelm@5116 423 # for certification path building and validation. For example, "MD2" is
michaelm@5116 424 # generally no longer considered to be a secure hash algorithm. This section
michaelm@5116 425 # describes the mechanism for disabling algorithms based on algorithm name
michaelm@5116 426 # and/or key length. This includes algorithms used in certificates, as well
michaelm@5116 427 # as revocation information such as CRLs and signed OCSP Responses.
igerasim@12014 428 # The syntax of the disabled algorithm string is described as follows:
michaelm@5116 429 # DisabledAlgorithms:
michaelm@5116 430 # " DisabledAlgorithm { , DisabledAlgorithm } "
michaelm@5116 431 #
michaelm@5116 432 # DisabledAlgorithm:
robm@12003 433 # AlgorithmName [Constraint] { '&' Constraint }
michaelm@5116 434 #
michaelm@5116 435 # AlgorithmName:
michaelm@5116 436 # (see below)
michaelm@5116 437 #
michaelm@5116 438 # Constraint:
igerasim@12014 439 # KeySizeConstraint | CAConstraint | DenyAfterConstraint
michaelm@5116 440 #
michaelm@5116 441 # KeySizeConstraint:
igerasim@12014 442 # keySize Operator KeyLength
michaelm@5116 443 #
michaelm@5116 444 # Operator:
michaelm@5116 445 # <= | < | == | != | >= | >
michaelm@5116 446 #
igerasim@12014 447 # KeyLength:
igerasim@12014 448 # Integer value of the algorithm's key length in bits
michaelm@5116 449 #
igerasim@12014 450 # CAConstraint:
igerasim@12014 451 # jdkCA
michaelm@5116 452 #
igerasim@12014 453 # DenyAfterConstraint:
igerasim@12014 454 # denyAfter YYYY-MM-DD
michaelm@5116 455 #
michaelm@5116 456 # The "AlgorithmName" is the standard algorithm name of the disabled
michaelm@5116 457 # algorithm. See "Java Cryptography Architecture Standard Algorithm Name
michaelm@5116 458 # Documentation" for information about Standard Algorithm Names. Matching
michaelm@5116 459 # is performed using a case-insensitive sub-element matching rule. (For
michaelm@5116 460 # example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and
michaelm@5116 461 # "ECDSA" for signatures.) If the assertion "AlgorithmName" is a
michaelm@5116 462 # sub-element of the certificate algorithm name, the algorithm will be
michaelm@5116 463 # rejected during certification path building and validation. For example,
michaelm@5116 464 # the assertion algorithm name "DSA" will disable all certificate algorithms
michaelm@5116 465 # that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion
michaelm@5116 466 # will not disable algorithms related to "ECDSA".
michaelm@5116 467 #
igerasim@12014 468 # A "Constraint" defines restrictions on the keys and/or certificates for
igerasim@12014 469 # a specified AlgorithmName:
igerasim@11947 470 #
igerasim@12014 471 # KeySizeConstraint:
igerasim@12014 472 # keySize Operator KeyLength
igerasim@12014 473 # The constraint requires a key of a valid size range if the
igerasim@12014 474 # "AlgorithmName" is of a key algorithm. The "KeyLength" indicates
igerasim@12014 475 # the key size specified in number of bits. For example,
igerasim@12014 476 # "RSA keySize <= 1024" indicates that any RSA key with key size less
igerasim@12014 477 # than or equal to 1024 bits should be disabled, and
igerasim@12014 478 # "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key
igerasim@12014 479 # with key size less than 1024 or greater than 2048 should be disabled.
igerasim@12014 480 # This constraint is only used on algorithms that have a key size.
robm@12003 481 #
igerasim@12014 482 # CAConstraint:
igerasim@12014 483 # jdkCA
igerasim@12014 484 # This constraint prohibits the specified algorithm only if the
igerasim@12014 485 # algorithm is used in a certificate chain that terminates at a marked
igerasim@12014 486 # trust anchor in the lib/security/cacerts keystore. If the jdkCA
igerasim@12014 487 # constraint is not set, then all chains using the specified algorithm
igerasim@12014 488 # are restricted. jdkCA may only be used once in a DisabledAlgorithm
igerasim@12014 489 # expression.
igerasim@12014 490 # Example:  To apply this constraint to SHA-1 certificates, include
igerasim@12014 491 # the following:  "SHA1 jdkCA"
igerasim@12014 492 #
igerasim@12014 493 # DenyAfterConstraint:
igerasim@12014 494 # denyAfter YYYY-MM-DD
igerasim@12014 495 # This constraint prohibits a certificate with the specified algorithm
igerasim@12014 496 # from being used after the date regardless of the certificate's
igerasim@12014 497 # validity.  JAR files that are signed and timestamped before the
igerasim@12014 498 # constraint date with certificates containing the disabled algorithm
igerasim@12014 499 # will not be restricted.  The date is processed in the UTC timezone.
igerasim@12014 500 # This constraint can only be used once in a DisabledAlgorithm
igerasim@12014 501 # expression.
igerasim@12014 502 # Example: To deny usage of RSA 2048 bit certificates after Feb 3 2020,
igerasim@12014 503 # use the following: "RSA keySize == 2048 & denyAfter 2020-02-03"
robm@12003 504 #
robm@12003 505 # When an algorithm must satisfy more than one constraint, it must be
robm@12003 506 # delimited by an ampersand '&'. For example, to restrict certificates in a
robm@12003 507 # chain that terminate at a distribution provided trust anchor and contain
robm@12003 508 # RSA keys that are less than or equal to 1024 bits, add the following
robm@12003 509 # constraint: "RSA keySize <= 1024 & jdkCA".
robm@12003 510 #
robm@12003 511 # All DisabledAlgorithms expressions are processed in the order defined in the
robm@12003 512 # property. This requires lower keysize constraints to be specified
robm@12003 513 # before larger keysize constraints of the same algorithm. For example:
robm@12003 514 # "RSA keySize < 1024 & jdkCA, RSA keySize < 2048".
michaelm@5116 515 #
michaelm@5116 516 # Note: This property is currently used by Oracle's PKIX implementation. It
michaelm@5116 517 # is not guaranteed to be examined and used by other implementations.
michaelm@5116 518 #
michaelm@5116 519 # Example:
michaelm@5116 520 # jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048
michaelm@5116 521 #
michaelm@5116 522 #
robm@12000 523 jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
coffeys@12006 524 DSA keySize < 1024, EC keySize < 224
michaelm@5116 525
michaelm@5116 526 # Algorithm restrictions for Secure Socket Layer/Transport Layer Security
michaelm@5116 527 # (SSL/TLS) processing
michaelm@5116 528 #
michaelm@5116 529 # In some environments, certain algorithms or key lengths may be undesirable
michaelm@5116 530 # when using SSL/TLS. This section describes the mechanism for disabling
xuelei@9986 531 # algorithms during SSL/TLS security parameters negotiation, including
xuelei@9986 532 # protocol version negotiation, cipher suites selection, peer authentication
xuelei@9986 533 # and key exchange mechanisms.
xuelei@9986 534 #
xuelei@9986 535 # Disabled algorithms will not be negotiated for SSL/TLS connections, even
xuelei@9986 536 # if they are enabled explicitly in an application.
michaelm@5116 537 #
michaelm@5116 538 # For PKI-based peer authentication and key exchange mechanisms, this list
michaelm@5116 539 # of disabled algorithms will also be checked during certification path
michaelm@5116 540 # building and validation, including algorithms used in certificates, as
michaelm@5116 541 # well as revocation information such as CRLs and signed OCSP Responses.
michaelm@5116 542 # This is in addition to the jdk.certpath.disabledAlgorithms property above.
michaelm@5116 543 #
michaelm@5116 544 # See the specification of "jdk.certpath.disabledAlgorithms" for the
michaelm@5116 545 # syntax of the disabled algorithm string.
michaelm@5116 546 #
igerasim@12005 547 # Note: This property is currently used by the JDK Reference implementation.
michaelm@5116 548 # It is not guaranteed to be examined and used by other implementations.
michaelm@5116 549 #
michaelm@5116 550 # Example:
xuelei@9986 551 # jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048
coffeys@12006 552 jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, \
coffeys@12006 553 EC keySize < 224
asmotrak@10555 554
asmotrak@10555 555 # Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS)
asmotrak@10555 556 # processing in JSSE implementation.
asmotrak@10555 557 #
asmotrak@10555 558 # In some environments, a certain algorithm may be undesirable but it
asmotrak@10555 559 # cannot be disabled because of its use in legacy applications. Legacy
asmotrak@10555 560 # algorithms may still be supported, but applications should not use them
asmotrak@10555 561 # as the security strength of legacy algorithms is usually not sufficient
asmotrak@10555 562 # in practice.
asmotrak@10555 563 #
asmotrak@10555 564 # During SSL/TLS security parameters negotiation, legacy algorithms will
asmotrak@10555 565 # not be negotiated unless there are no other candidates.
asmotrak@10555 566 #
igerasim@12005 567 # The syntax of the legacy algorithms string is described in the following
asmotrak@10555 568 # Java BNF-style notation:
asmotrak@10555 569 # LegacyAlgorithms:
asmotrak@10555 570 # " LegacyAlgorithm { , LegacyAlgorithm } "
asmotrak@10555 571 #
asmotrak@10555 572 # LegacyAlgorithm:
asmotrak@10555 573 # AlgorithmName (standard JSSE algorithm name)
asmotrak@10555 574 #
asmotrak@10555 575 # See the specification of security property "jdk.certpath.disabledAlgorithms"
asmotrak@10555 576 # for the syntax and description of the "AlgorithmName" notation.
asmotrak@10555 577 #
asmotrak@10555 578 # Per SSL/TLS specifications, cipher suites have the form:
asmotrak@10555 579 # SSL_KeyExchangeAlg_WITH_CipherAlg_MacAlg
asmotrak@10555 580 # or
asmotrak@10555 581 # TLS_KeyExchangeAlg_WITH_CipherAlg_MacAlg
asmotrak@10555 582 #
asmotrak@10555 583 # For example, the cipher suite TLS_RSA_WITH_AES_128_CBC_SHA uses RSA as the
asmotrak@10555 584 # key exchange algorithm, AES_128_CBC (128-bit AES cipher algorithm in CBC
asmotrak@10555 585 # mode) as the cipher (encryption) algorithm, and SHA-1 as the message digest
asmotrak@10555 586 # algorithm for HMAC.
asmotrak@10555 587 #
asmotrak@10555 588 # The LegacyAlgorithm can be one of the following standard algorithm names:
asmotrak@10555 589 # 1. JSSE cipher suite name, e.g., TLS_RSA_WITH_AES_128_CBC_SHA
asmotrak@10555 590 # 2. JSSE key exchange algorithm name, e.g., RSA
asmotrak@10555 591 # 3. JSSE cipher (encryption) algorithm name, e.g., AES_128_CBC
igerasim@10612 592 # 4. JSSE message digest algorithm name, e.g., SHA
asmotrak@10555 593 #
asmotrak@10555 594 # See SSL/TLS specifications and "Java Cryptography Architecture Standard
asmotrak@10555 595 # Algorithm Name Documentation" for information about the algorithm names.
asmotrak@10555 596 #
igerasim@12005 597 # Note: This property is currently used by the JDK Reference implementation.
asmotrak@10555 598 # It is not guaranteed to be examined and used by other implementations.
asmotrak@10555 599 # There is no guarantee the property will continue to exist or be of the
asmotrak@10555 600 # same syntax in future releases.
asmotrak@10555 601 #
asmotrak@10555 602 # Example:
asmotrak@10555 603 # jdk.tls.legacyAlgorithms=DH_anon, DES_CBC, SSL_RSA_WITH_RC4_128_MD5
asmotrak@10555 604 #
asmotrak@10555 605 jdk.tls.legacyAlgorithms= \
asmotrak@10555 606 K_NULL, C_NULL, M_NULL, \
asmotrak@10555 607 DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
asmotrak@10555 608 DH_RSA_EXPORT, RSA_EXPORT, \
asmotrak@10555 609 DH_anon, ECDH_anon, \
igerasim@12005 610 RC4_128, RC4_40, DES_CBC, DES40_CBC, \
igerasim@12005 611 3DES_EDE_CBC
xuelei@11119 612
xuelei@11119 613 # The pre-defined default finite field Diffie-Hellman ephemeral (DHE)
xuelei@11119 614 # parameters for Transport Layer Security (SSL/TLS/DTLS) processing.
xuelei@11119 615 #
xuelei@11119 616 # In traditional SSL/TLS/DTLS connections where the finite field DHE parameter
xuelei@11119 617 # negotiation mechanism is not used, the server offers the client the group
xuelei@11119 618 # parameters, base generator g and prime modulus p, for DHE key exchange.
xuelei@11119 619 # It is recommended to use dynamic group parameters. This property defines
xuelei@11119 620 # a mechanism that allows you to specify custom group parameters.
xuelei@11119 621 #
xuelei@11119 622 # The syntax of this property string is described in the following Java BNF-style notation:
xuelei@11119 623 # DefaultDHEParameters:
xuelei@11119 624 # DefinedDHEParameters { , DefinedDHEParameters }
xuelei@11119 625 #
xuelei@11119 626 # DefinedDHEParameters:
xuelei@11119 627 # "{" DHEPrimeModulus , DHEBaseGenerator "}"
xuelei@11119 628 #
xuelei@11119 629 # DHEPrimeModulus:
xuelei@11119 630 # HexadecimalDigits
xuelei@11119 631 #
xuelei@11119 632 # DHEBaseGenerator:
xuelei@11119 633 # HexadecimalDigits
xuelei@11119 634 #
xuelei@11119 635 # HexadecimalDigits:
xuelei@11119 636 # HexadecimalDigit { HexadecimalDigit }
xuelei@11119 637 #
xuelei@11119 638 # HexadecimalDigit: one of
xuelei@11119 639 # 0 1 2 3 4 5 6 7 8 9 A B C D E F a b c d e f
xuelei@11119 640 #
xuelei@11119 641 # Whitespace characters are ignored.
xuelei@11119 642 #
xuelei@11119 643 # The "DefinedDHEParameters" defines the custom group parameters, prime
xuelei@11119 644 # modulus p and base generator g, for a particular size of prime modulus p.
xuelei@11119 645 # The "DHEPrimeModulus" defines the hexadecimal prime modulus p, and the
xuelei@11119 646 # "DHEBaseGenerator" defines the hexadecimal base generator g of a group
xuelei@11119 647 # parameter. It is recommended to use safe primes for the custom group
xuelei@11119 648 # parameters.
xuelei@11119 649 #
xuelei@11119 650 # If this property is not defined or the value is empty, the underlying JSSE
xuelei@11119 651 # provider's default group parameter is used for each connection.
xuelei@11119 652 #
xuelei@11119 653 # If the property value does not follow the grammar, or a particular group
xuelei@11119 654 # parameter is not valid, no error is reported: the connection silently falls
xuelei@11119 655 # back to the underlying JSSE provider's default group parameter.
xuelei@11119 656 #
xuelei@11119 657 # Note: This property is currently used by OpenJDK's JSSE implementation. It
xuelei@11119 658 # is not guaranteed to be examined and used by other implementations.
xuelei@11119 659 #
xuelei@11119 660 # Example:
xuelei@11119 661 # jdk.tls.server.defaultDHEParameters=
xuelei@11119 662 # { \
xuelei@11119 663 # FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \
xuelei@11119 664 # 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \
xuelei@11119 665 # EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \
xuelei@11119 666 # E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \
xuelei@11119 667 # EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
xuelei@11119 668 # FFFFFFFF FFFFFFFF, 2}
igerasim@11941 669
igerasim@11941 670 # Algorithm restrictions for signed JAR files
igerasim@11941 671 #
igerasim@11941 672 # In some environments, certain algorithms or key lengths may be undesirable
igerasim@11941 673 # for signed JAR validation. For example, "MD2" is generally no longer
igerasim@11941 674 # considered to be a secure hash algorithm. This section describes the
igerasim@11941 675 # mechanism for disabling algorithms based on algorithm name and/or key length.
igerasim@11941 676 # JARs signed with any of the disabled algorithms or key sizes will be treated
igerasim@11941 677 # as unsigned.
igerasim@11941 678 #
igerasim@11941 679 # The syntax of the disabled algorithm string is described as follows:
igerasim@11941 680 # DisabledAlgorithms:
igerasim@11941 681 # " DisabledAlgorithm { , DisabledAlgorithm } "
igerasim@11941 682 #
igerasim@11941 683 # DisabledAlgorithm:
igerasim@11941 684 # AlgorithmName [Constraint]
igerasim@11941 685 #
igerasim@11941 686 # AlgorithmName:
igerasim@11941 687 # (see below)
igerasim@11941 688 #
igerasim@11941 689 # Constraint:
igerasim@11941 690 # KeySizeConstraint
igerasim@11941 691 #
igerasim@11941 692 # KeySizeConstraint:
igerasim@11941 693 # keySize Operator KeyLength
igerasim@11941 694 #
igerasim@11941 695 # Operator:
igerasim@11941 696 # <= | < | == | != | >= | >
igerasim@11941 697 #
igerasim@11941 698 # KeyLength:
igerasim@11941 699 # Integer value of the algorithm's key length in bits
igerasim@11941 700 #
igerasim@11941 701 # Note: This property is currently used by the JDK Reference
igerasim@11941 702 # implementation. It is not guaranteed to be examined and used by other
igerasim@11941 703 # implementations.
igerasim@11941 704 #
rpatil@11965 705 jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024
rriggs@12027 706
rriggs@12027 707 #
rriggs@12027 708 # Serialization process-wide filter
rriggs@12027 709 #
rriggs@12027 710 # A filter, if configured, is used by java.io.ObjectInputStream during
rriggs@12027 711 # deserialization to check the contents of the stream.
rriggs@12027 712 # A filter is configured as a sequence of patterns; each pattern is either
rriggs@12027 713 # matched against the name of a class in the stream or defines a limit.
rriggs@12027 714 # Patterns are separated by ";" (semicolon).
rriggs@12027 715 # Whitespace is significant and is considered part of the pattern.
rriggs@12027 716 #
rriggs@12027 717 # If a pattern includes a "=", it sets a limit.
rriggs@12027 718 # If a limit appears more than once the last value is used.
rriggs@12027 719 # Limits are checked before classes regardless of the order in the sequence of patterns.
rriggs@12027 720 # If any of the limits are exceeded, the filter status is REJECTED.
rriggs@12027 721 #
rriggs@12027 722 # maxdepth=value - the maximum depth of a graph
rriggs@12027 723 # maxrefs=value - the maximum number of internal references
rriggs@12027 724 # maxbytes=value - the maximum number of bytes in the input stream
rriggs@12027 725 # maxarray=value - the maximum array length allowed
rriggs@12027 726 #
rriggs@12027 727 # Other patterns, from left to right, match the class or package name as
rriggs@12027 728 # returned from Class.getName.
rriggs@12027 729 # If the class is an array type, the class or package to be matched is the element type.
rriggs@12027 730 # Arrays of any number of dimensions are treated the same as the element type.
rriggs@12027 731 # For example, a pattern of "!example.Foo" rejects creation of any instance or
rriggs@12027 732 # array of example.Foo.
rriggs@12027 733 #
rriggs@12027 734 # If the pattern starts with "!", the status is REJECTED if the remaining pattern
rriggs@12027 735 # is matched; otherwise the status is ALLOWED if the pattern matches.
rriggs@12027 736 # If the pattern ends with ".**" it matches any class in the package and all subpackages.
rriggs@12027 737 # If the pattern ends with ".*" it matches any class in the package.
rriggs@12027 738 # If the pattern ends with "*", it matches any class with the pattern as a prefix.
rriggs@12027 739 # If the pattern is equal to the class name, it matches.
rriggs@12027 740 # Otherwise, the status is UNDECIDED.
rriggs@12027 741 #
rriggs@12027 742 #jdk.serialFilter=pattern;pattern
rriggs@12028 743
rriggs@12028 744 #
rriggs@12028 745 # RMI Registry Serial Filter
rriggs@12028 746 #
rriggs@12028 747 # The filter pattern uses the same format as jdk.serialFilter.
rriggs@12028 748 # This filter, if set, overrides the builtin filter; use it when additional
rriggs@12028 749 # types need to be allowed or rejected for the RMI Registry. Because an
rriggs@12028 749 # overriding filter takes the place of the builtin one, make sure the
rriggs@12028 749 # replacement pattern does not admit types the builtin filter would reject.
rriggs@12028 750 #
rriggs@12028 751 #sun.rmi.registry.registryFilter=pattern;pattern
rriggs@12028 752
rriggs@12028 753 #
rriggs@12028 754 # RMI Distributed Garbage Collector (DGC) Serial Filter
rriggs@12028 755 #
rriggs@12028 756 # The filter pattern uses the same format as jdk.serialFilter.
rriggs@12028 757 # This filter, if set, overrides the builtin filter; use it when additional
rriggs@12028 758 # types need to be allowed or rejected for the RMI DGC. Because an
rriggs@12028 758 # overriding filter takes the place of the builtin one, make sure the
rriggs@12028 758 # replacement pattern does not admit types the builtin filter would reject.
rriggs@12028 759 #
rriggs@12028 760 # The builtin DGC filter can approximately be represented as the filter pattern:
rriggs@12028 761 #
rriggs@12028 762 #sun.rmi.transport.dgcFilter=\
rriggs@12028 763 # java.rmi.server.ObjID;\
rriggs@12028 764 # java.rmi.server.UID;\
rriggs@12028 765 # java.rmi.dgc.VMID;\
rriggs@12028 766 # java.rmi.dgc.Lease;\
rriggs@12028 767 # maxdepth=5;maxarray=10000