Mark,

AES is insecure?

-chris

On 5/13/26 10:03 AM, [email protected] wrote:
This is an automated email from the ASF dual-hosted git repository.

markt-asf pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
      new ba67ad1e87 Warn for insecure PEM file encryption
ba67ad1e87 is described below

commit ba67ad1e87231e57185776d54df911033b36d392
Author: Mark Thomas <[email protected]>
AuthorDate: Wed May 13 14:59:42 2026 +0100

     Warn for insecure PEM file encryption
---
  java/org/apache/tomcat/util/net/jsse/LocalStrings.properties | 2 ++
  java/org/apache/tomcat/util/net/jsse/PEMFile.java            | 7 +++++++
  webapps/docs/changelog.xml                                   | 4 ++++
  3 files changed, 13 insertions(+)

diff --git a/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties 
b/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
index ef16a01b9e..10f6d8e301 100644
--- a/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/net/jsse/LocalStrings.properties
@@ -20,6 +20,8 @@ jsseUtil.excludeProtocol=The SSL protocol [{0}] which is 
supported in this JRE w
  jsseUtil.noDefaultProtocols=Unable to determine a default for 
sslEnabledProtocols. Set an explicit value to ensure the connector can start.
  jsseUtil.opensslconf.present=A connector is configured to use a JSSE TLS 
implementation with OpenSSL specific OpenSSLConf configuration elements. The 
OpenSSLConf configuration elements will be ignored.
+pemFile.encryption.broken=The PEM file [{0}] is using [{1}] which is considered broken because a brute force attack is trivial with current hardware
+pemFile.encryption.insecure=The PEM file [{0}] is using [{1}] which is 
considered insecure as it is vulnerable to a brute-force attack
  pemFile.noMultiPrimes=The PKCS#1 certificate is in multi-prime format and 
Java does not provide an API for constructing an RSA private key object from 
that format
  pemFile.noPassword=A password is required to decrypt the private key
  pemFile.notPbkdf2=The OID [{0}] is not the correct OID for PKBDF2 which is 
the only permitted KDF for PBES2
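Review bot: The two new `pemFile.encryption.*` messages tell the operator the encryption is broken or insecure but give nothing to act on, so the warning is likely to be read and ignored. Each would be more useful with a remediation appended, e.g. `. Re-encrypt the private key using a stronger scheme.` on both lines. Which scheme to name depends on what the rest of PEMFile accepts without a warning, which is not visible in this hunk.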
diff --git a/java/org/apache/tomcat/util/net/jsse/PEMFile.java 
b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
index fa52b75232..be8c690f42 100644
--- a/java/org/apache/tomcat/util/net/jsse/PEMFile.java
+++ b/java/org/apache/tomcat/util/net/jsse/PEMFile.java
@@ -51,6 +51,8 @@ import javax.crypto.spec.IvParameterSpec;
  import javax.crypto.spec.PBEKeySpec;
  import javax.crypto.spec.SecretKeySpec;
+import org.apache.juli.logging.Log;
+import org.apache.juli.logging.LogFactory;
  import org.apache.tomcat.util.buf.Asn1Parser;
  import org.apache.tomcat.util.buf.Asn1Writer;
  import org.apache.tomcat.util.buf.HexUtils;
@@ -64,6 +66,7 @@ import org.ietf.jgss.Oid;
   */
  public class PEMFile {
+ private static final Log log = LogFactory.getLog(PEMFile.class);
      private static final StringManager sm = 
StringManager.getManager(PEMFile.class);
private static final byte[] OID_EC_PUBLIC_KEY =
@@ -370,18 +373,21 @@ public class PEMFile {
                              secretKeyAlgorithm = "DES";
                              cipherTransformation = "DES/CBC/PKCS5Padding";
                              keyLength = 8;
+                            
log.error(sm.getString("pemFile.encryption.broken", filename, algorithm));
                              break;
                          }
                          case "DES-EDE3-CBC": {
                              secretKeyAlgorithm = "DESede";
                              cipherTransformation = "DESede/CBC/PKCS5Padding";
                              keyLength = 24;
+                            
log.warn(sm.getString("pemFile.encryption.insecure", filename, algorithm));
                              break;
                          }
                          case "AES-256-CBC": {
                              secretKeyAlgorithm = "AES";
                              cipherTransformation = "AES/CBC/PKCS5Padding";
                              keyLength = 32;
+                            
log.warn(sm.getString("pemFile.encryption.insecure", filename, algorithm));
                              break;
                          }
                          default:
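Review bot: The DES branch logs at error level although execution simply continues to the `break` and the key is presumably still loaded, while the two other new branches log the same kind of finding at warn; an ERROR entry with no failed startup behind it is confusing to an operator. Either use `log.warn(sm.getString("pemFile.encryption.broken", filename, algorithm));` for consistency with the other branches, or make the message say the key was loaded despite the finding. The enclosing method starts and ends outside this hunk.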
@@ -501,6 +507,7 @@ public class PEMFile {
                          throw new NoSuchAlgorithmException(
                                  
sm.getString("pemFile.unknownEncryptionAlgorithm", 
toDottedOidString(oidCipher)));
                      }
+                    log.warn(sm.getString("pemFile.encryption.insecure", 
filename, algorithm));
byte[] iv = p.parseOctetString();
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
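Review bot: The new `log.warn` after the cipher OID check fires for every key that reaches the PBES2 path, regardless of the KDF parameters, even though the `pemFile.notPbkdf2` message in LocalStrings indicates only PBKDF2 is admitted here; PBES2 with PBKDF2, a modern PRF and an adequate iteration count is commonly what operators are steered towards, so an unconditional warning would flag the very configuration they migrate to. If the intent is to catch a weak PRF or a low iteration count, the warning should be conditioned on those values where they are parsed earlier in the method; if the intent is to flag the cipher, it seems to belong in the cipher OID switch above, next to the `NoSuchAlgorithmException`. The enclosing method starts outside the hunk and continues past it, and what `algorithm` holds at this point is not visible here.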
index 9efb014883..2e590fed2d 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -258,6 +258,10 @@
          Remove support for HTTP 0.9. (markt)
        </update>
        <!-- Entries for backport and removal before 12.0.0-M1 below this line 
-->
+      <add>
+        Log a suitable warning if an encrypted PEM file is detected using an
+        insecure form for encryption. (markt)
+      </add>
      </changelog>
    </subsection>
    <subsection name="Jasper">

