When looking at PCAP traces of a Java TLS handshake, I can see details in the Server Hello like this:
Signature Algorithm: SHA224 DSA (0x0302)
I would like to disable it, so that the server application does not offer it to the client. As far as I understand, this can be done in JAVA_HOME/conf/java.security.
There is already an entry like this:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, DTLSv1.0, RC4, DES, \
MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
ECDH, TLS_RSA_*, rsa_pkcs1_sha1 usage HandshakeSignature, \
ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature
Is this the right place, and what needs to be entered here to achieve this?
Yes. jdk.tls.disabledAlgorithms in java.security is the correct place.
For SHA224 with DSA (0x0302), add
dsa_sha224 usage HandshakeSignature
so your full entry is:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, DTLSv1.0, RC4, DES, \
MD5withRSA, DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
ECDH, TLS_RSA_*, rsa_pkcs1_sha1 usage HandshakeSignature, \
ecdsa_sha1 usage HandshakeSignature, dsa_sha1 usage HandshakeSignature, \
dsa_sha224 usage HandshakeSignature
The naming pattern is:
<sig>_<hash> usage HandshakeSignature
If you want to disable all DSA-based signature algorithms in handshakes, you could add:
dsa_sha1 usage HandshakeSignature, \
dsa_sha224 usage HandshakeSignature, \
dsa_sha256 usage HandshakeSignature, \
dsa_sha384 usage HandshakeSignature, \
dsa_sha512 usage HandshakeSignature
Note: This affects the JVM globally. For application-specific control without modifying the system file, you can pass it as a system property:
-Djava.security.properties=/path/to/custom.security
or programmatically, before any TLS connections:
Security.setProperty("jdk.tls.disabledAlgorithms", "...");
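Added example, not part of the original answer: a start-up helper for the programmatic route that appends the new constraint to the current `jdk.tls.disabledAlgorithms` value instead of replacing it, because `Security.setProperty` overwrites the whole list and would otherwise drop the entries shipped in java.security. The class and method names are hypothetical; it assumes the code runs before the first TLS connection is made.

```java
import java.security.Security;
import java.util.LinkedHashSet;
import java.util.Set;

public class DisableDsaSha224 {
    static final String PROP = "jdk.tls.disabledAlgorithms";

    // Entry from the answer above; add further "<sig>_<hash> usage HandshakeSignature"
    // entries here if more schemes should be disabled.
    static final String[] EXTRA = {
        "dsa_sha224 usage HandshakeSignature"
    };

    // Merge the extra entries into the current value, keeping the existing
    // entries and their order, and skipping exact duplicates.
    static String merge(String current, String[] extra) {
        Set<String> entries = new LinkedHashSet<>();
        if (current != null) {
            for (String e : current.split(",")) {
                String t = e.trim();
                if (!t.isEmpty()) {
                    entries.add(t);
                }
            }
        }
        for (String e : extra) {
            entries.add(e.trim());
        }
        return String.join(", ", entries);
    }

    public static void main(String[] args) {
        // Security.getProperty returns the value with the "\" line
        // continuations of java.security already joined into one line.
        String before = Security.getProperty(PROP);
        Security.setProperty(PROP, merge(before, EXTRA));

        // Print the effective value so it can be compared with the file.
        System.out.println(PROP + "=" + Security.getProperty(PROP));

        // Application TLS set-up (SSLContext, server socket, ...) goes after this point.
    }
}
```

After a restart, a fresh PCAP of the handshake is the check that 0x0302 is no longer offered.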