The story that Java security settings change depending on the cryptographic policy on RHEL / CentOS

What is this about?

Red Hat Enterprise Linux lets you set a system-wide cryptographic policy.

Using system-wide cryptographic policies (https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/8/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening)

The point of this post is that the policy also changes Java's security settings, without anything under the JDK directory being edited.

Environment

Let's check it on CentOS 8.

$ cat /etc/redhat-release 
CentOS Linux release 8.3.2011

The Java used is OpenJDK 8.

$ java -version
openjdk version "1.8.0_275"
OpenJDK Runtime Environment (build 1.8.0_275-b01)
OpenJDK 64-Bit Server VM (build 25.275-b01, mixed mode)

Verification

For example, there is a security property called jdk.tls.disabledAlgorithms that lists the protocols, key sizes and algorithms the JSSE TLS implementation refuses to use.

Java Secure Socket Extension (JSSE) Reference Guide (https://docs.oracle.com/javase/jp/8/docs/technotes/guides/security/jsse/JSSERefGuide.html)

Java Cryptography Architecture Oracle Provider Documentation (for JDK 8) (https://docs.oracle.com/javase/jp/8/docs/technotes/guides/security/SunProviders.html)

Let's write a small program that prints this property as the running JVM sees it.

App.java


import java.security.Security;

public class App {
	public static void main(String... args) {
		System.out.printf("jdk.tls.disabledAlgorithms = %s%n", Security.getProperty("jdk.tls.disabledAlgorithms"));
	}
}

First, let's look at the value in the java.security file that ships with the JDK.

$ grep ^jdk.tls.disabledAlgorithms -A 2 /usr/lib/jvm/java-1.8.0-openjdk/jre/lib/security/java.security
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, 3DES_EDE_CBC, anon, NULL

Let's compile and run the program.

$ javac App.java
$ java App
jdk.tls.disabledAlgorithms = DH keySize < 2048, SSLv2, SSLv3, TLSv1, TLSv1.1, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, RC4_40, RC4_128, DES40_CBC, RC2, HmacMD5

… a completely different value from the one in java.security. Note in particular that TLSv1 and TLSv1.1 are disabled here, while java.security only disables SSLv3.

Now let's check the current cryptographic policy. It is DEFAULT.

$ update-crypto-policies --show
DEFAULT

The cryptographic policy comes with four predefined profiles: DEFAULT, LEGACY, FUTURE, and FIPS.

Using system-wide cryptographic policies (https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/8/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening)

Now let's look at the /usr/share/crypto-policies directory.

It holds one subdirectory per profile, each containing the settings for every back-end (OpenSSL, GnuTLS, Java, and so on). Let's look at the Java settings in the DEFAULT profile.

$ grep ^jdk.tls.disabledAlgorithms /usr/share/crypto-policies/DEFAULT/java.txt 
jdk.tls.disabledAlgorithms=DH keySize < 2048, SSLv2, SSLv3, TLSv1, TLSv1.1, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, RC4_40, RC4_128, DES40_CBC, RC2, HmacMD5

This matches exactly what the program printed.

Now let's switch the profile to LEGACY.

$ sudo update-crypto-policies --set LEGACY
Setting system policy to LEGACY
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.

After the change, reboot the OS. (As the message says, the policy is read when each application starts, so restarting the JVM would be enough for Java alone; let's follow the recommendation anyway.)

$ sudo reboot

The profile has changed.

$ update-crypto-policies --show
LEGACY

Run the same program again.

$ java App 
jdk.tls.disabledAlgorithms = DH keySize < 1023, SSLv2, SSLv3, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, DES_CBC, RC4_40, DES40_CBC, RC2, HmacMD5

I haven't touched $JAVA_HOME/jre/lib/security/java.security, yet the value changed.

Now let's look at the Java settings for the LEGACY profile, again in a file called java.txt.

$ grep ^jdk.tls.disabledAlgorithms /usr/share/crypto-policies/LEGACY/java.txt 
jdk.tls.disabledAlgorithms=DH keySize < 1023, SSLv2, SSLv3, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, DES_CBC, RC4_40, DES40_CBC, RC2, HmacMD5

It is the same value.

I had no idea how the policy was getting applied to Java, or that this happened at all. The mechanism is in the RHEL/CentOS OpenJDK packages themselves: their java.security sets security.useSystemPropertiesFile=true, and with that switch on the JDK reads /etc/crypto-policies/back-ends/java.config (a symlink that update-crypto-policies points at /usr/share/crypto-policies/<PROFILE>/java.txt) after java.security, so any property defined there replaces the value from java.security. Starting the JVM with -Djava.security.disableSystemPropertiesFile=true switches the overlay off for that process, which is the quickest way to tell whether a TLS handshake failure is caused by the policy or by java.security itself.
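To see what the policy does to the TLS stack itself rather than only to the property text, here is an added example (it is not part of the original post and is not App.java). It prints the policy-controlled security properties and then lists which protocols and cipher suites the default SSLContext has dropped relative to what the provider supports. It assumes a RHEL/CentOS build of OpenJDK, where java.security sets security.useSystemPropertiesFile=true and -Djava.security.disableSystemPropertiesFile=true disables the overlay; the class name PolicyEffect and the helper removed() are names chosen for this example.

```java
import java.security.Security;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

/*
 * Added example, not from the original post.
 * Run it twice and compare:
 *   java PolicyEffect
 *   java -Djava.security.disableSystemPropertiesFile=true PolicyEffect
 * The second run ignores /etc/crypto-policies/back-ends/java.config on
 * RHEL/CentOS builds of OpenJDK, so the difference is the policy's effect.
 */
public class PolicyEffect {

    // Security properties the RHEL policy files define (names as in java.txt),
    // plus the switch in the RHEL java.security that turns the overlay on.
    static final String[] KEYS = {
        "security.useSystemPropertiesFile",
        "jdk.tls.ephemeralDHKeySize",
        "jdk.certpath.disabledAlgorithms",
        "jdk.tls.disabledAlgorithms",
        "jdk.tls.legacyAlgorithms",
    };

    public static void main(String... args) throws Exception {
        // System property (command line) that disables the overlay; null when not set.
        System.out.printf("java.security.disableSystemPropertiesFile = %s%n",
                System.getProperty("java.security.disableSystemPropertiesFile"));
        // Security properties as the running JVM sees them (java.security + policy file).
        for (String key : KEYS) {
            System.out.printf("%s = %s%n", key, Security.getProperty(key));
        }

        // What the TLS stack will actually negotiate with default settings.
        SSLContext ctx = SSLContext.getDefault();
        SSLParameters supported = ctx.getSupportedSSLParameters();
        SSLParameters enabled = ctx.getDefaultSSLParameters();

        System.out.println("enabled protocols: " + Arrays.toString(enabled.getProtocols()));
        System.out.println("protocols removed by jdk.tls.disabledAlgorithms: "
                + removed(supported.getProtocols(), enabled.getProtocols()));
        System.out.printf("enabled cipher suites: %d of %d supported%n",
                enabled.getCipherSuites().length, supported.getCipherSuites().length);
        System.out.println("cipher suites removed: "
                + removed(supported.getCipherSuites(), enabled.getCipherSuites()));
    }

    // Entries present in 'all' but missing from 'kept', in the provider's order.
    static Set<String> removed(String[] all, String[] kept) {
        Set<String> out = new LinkedHashSet<>(Arrays.asList(all));
        out.removeAll(Arrays.asList(kept));
        return out;
    }
}
```

Under the DEFAULT profile the first run should list TLSv1 and TLSv1.1 among the removed protocols, and the second run should not, since the JDK's own java.security (shown earlier) only disables SSLv3. That difference is the quickest proof that a client failing to connect to an old TLS 1.0-only server is being blocked by the OS policy and not by the JDK.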

You can pick a profile, and the policy can also be customized (see the references at the end), but don't pick LEGACY just to make something work: it exists for compatibility with RHEL 5 and earlier, and as the listing below shows it re-enables TLSv1/TLSv1.1, accepts DH keys down to 1023 bits and moves 3DES and RC4 from disabled to merely "legacy".

Finally, here are the Java settings for each profile.

DEFAULT

/usr/share/crypto-policies/DEFAULT/java.txt


jdk.tls.ephemeralDHKeySize=2048
jdk.certpath.disabledAlgorithms=MD2, MD5, DSA, RSA keySize < 2048
jdk.tls.disabledAlgorithms=DH keySize < 2048, SSLv2, SSLv3, TLSv1, TLSv1.1, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, RC4_40, RC4_128, DES40_CBC, RC2, HmacMD5
jdk.tls.legacyAlgorithms=

FUTURE

/usr/share/crypto-policies/FUTURE/java.txt


jdk.tls.ephemeralDHKeySize=3072
jdk.certpath.disabledAlgorithms=MD2, SHA224, SHA1, MD5, DSA, RSA keySize < 3072
jdk.tls.disabledAlgorithms=DH keySize < 3072, SSLv2, SSLv3, TLSv1, TLSv1.1, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, AES_128_GCM, AES_128_CCM, AES_256_CBC, AES_128_CBC, 3DES_EDE_CBC, DES_CBC, RC4_40, RC4_128, DES40_CBC, RC2, HmacSHA1, HmacMD5
jdk.tls.legacyAlgorithms=

FIPS

/usr/share/crypto-policies/FIPS/java.txt


jdk.tls.ephemeralDHKeySize=2048
jdk.certpath.disabledAlgorithms=MD2, SHA1, MD5, DSA, RSA keySize < 2048
jdk.tls.disabledAlgorithms=DH keySize < 2048, SSLv2, SSLv3, TLSv1, TLSv1.1, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, DHE_DSS, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, RC4_40, RC4_128, DES40_CBC, RC2, HmacMD5
jdk.tls.legacyAlgorithms=

LEGACY

/usr/share/crypto-policies/LEGACY/java.txt


jdk.tls.ephemeralDHKeySize=1023
jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1023
jdk.tls.disabledAlgorithms=DH keySize < 1023, SSLv2, SSLv3, RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, ECDH_anon, DH_RSA, DH_DSS, ECDH, DES_CBC, RC4_40, DES40_CBC, RC2, HmacMD5
jdk.tls.legacyAlgorithms=3DES_EDE_CBC, RC4_128

Judging by the number of items, these files are not a full replacement for $JAVA_HOME/jre/lib/security/java.security: each policy file redefines only the four properties it contains, and everything else (provider lists, keystore settings, the algorithm restrictions it doesn't mention, and so on) still comes from java.security. So when checking what a JVM on RHEL/CentOS will actually accept, read both files, and keep in mind that update-crypto-policies changes Java's behaviour without touching anything under $JAVA_HOME.
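The overlay is plain java.util.Properties semantics: the policy file is loaded after java.security, so its keys win and every other key is untouched. The following added example (not from the original post) emulates that on constructed samples embedded in the code, namely the java.security lines shown above plus two keys the policy never sets, and reports for every key where its effective value comes from. It can also be pointed at the real files. PolicyOverlay, overlay() and the sample contents are this example's own.

```java
import java.io.IOException;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Properties;
import java.util.TreeSet;

/*
 * Added example, not from the original post. Emulates how the RHEL/CentOS
 * OpenJDK build overlays the crypto-policy file on java.security.
 *
 * With no arguments it uses the constructed samples below; pass the real
 * files to see the overlay on a live system:
 *   java PolicyOverlay /usr/lib/jvm/java-1.8.0-openjdk/jre/lib/security/java.security \
 *                      /etc/crypto-policies/back-ends/java.config
 */
public class PolicyOverlay {

    // Constructed subset of $JAVA_HOME/jre/lib/security/java.security: the
    // jdk.tls.disabledAlgorithms lines from the post (with their backslash
    // continuation) plus keys the policy file never defines.
    static final String SAMPLE_JAVA_SECURITY =
          "security.useSystemPropertiesFile=true\n"
        + "ssl.KeyManagerFactory.algorithm=SunX509\n"
        + "jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \\\n"
        + "    EC keySize < 224, 3DES_EDE_CBC, anon, NULL\n"
        + "jdk.tls.legacyAlgorithms=RC4_128, RC4_40, DES_CBC, DES40_CBC, 3DES_EDE_CBC\n";

    // /usr/share/crypto-policies/DEFAULT/java.txt as shown in the post.
    static final String SAMPLE_POLICY =
          "jdk.tls.ephemeralDHKeySize=2048\n"
        + "jdk.certpath.disabledAlgorithms=MD2, MD5, DSA, RSA keySize < 2048\n"
        + "jdk.tls.disabledAlgorithms=DH keySize < 2048, SSLv2, SSLv3, TLSv1, TLSv1.1, DHE_DSS, "
        + "RSA_EXPORT, DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_DSS_EXPORT, DH_RSA_EXPORT, DH_anon, "
        + "ECDH_anon, DH_RSA, DH_DSS, ECDH, 3DES_EDE_CBC, DES_CBC, RC4_40, RC4_128, DES40_CBC, "
        + "RC2, HmacMD5\n"
        + "jdk.tls.legacyAlgorithms=\n";

    // Properties.load is the same parser the JDK applies to java.security, so
    // backslash continuations and leading whitespace are folded identically.
    static Properties load(String text) throws IOException {
        Properties props = new Properties();
        props.load(new StringReader(text));
        return props;
    }

    // The overlay: start from java.security, then let every policy key replace
    // the same-named key. Keys absent from the policy file are left alone.
    static Properties overlay(Properties base, Properties policy) {
        Properties effective = new Properties();
        effective.putAll(base);
        effective.putAll(policy);
        return effective;
    }

    static String read(String path) throws IOException {
        return new String(Files.readAllBytes(Paths.get(path)), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws IOException {
        boolean live = args.length == 2;
        Properties base = load(live ? read(args[0]) : SAMPLE_JAVA_SECURITY);
        Properties policy = load(live ? read(args[1]) : SAMPLE_POLICY);
        Properties effective = overlay(base, policy);

        // For each effective key, say which file it came from and print its value.
        for (String key : new TreeSet<>(effective.stringPropertyNames())) {
            String origin = !policy.containsKey(key) ? "java.security only"
                          : base.containsKey(key)    ? "policy overrides java.security"
                                                     : "policy only";
            System.out.printf("%s [%s]%n    %s%n", key, origin, effective.getProperty(key));
        }
    }
}
```

With the embedded samples, jdk.tls.disabledAlgorithms and jdk.tls.legacyAlgorithms come out as "policy overrides java.security" (the latter with an empty value, because DEFAULT sets it to nothing), jdk.certpath.disabledAlgorithms and jdk.tls.ephemeralDHKeySize as "policy only", and security.useSystemPropertiesFile and ssl.KeyManagerFactory.algorithm as "java.security only". Run against the real files it gives the complete effective list, which is what you need when auditing a RHEL host rather than guessing from either file alone.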

References

Customizing crypto-policies to integrate system-wide cryptographic strength settings (https://rheb.hatenablog.com/entry/2020/09/10/crypto-policies-mod)

RHEL 8 system-wide cryptographic policy
