IBM Support

Semeru Runtimes security migration guide

General Page

This guide contains security considerations for users who are migrating from IBM® SDK, Java™ Technology Edition, version 8 to version 11 of the IBM Semeru Runtimes.

IBM Semeru Runtimes security migration guide

IBM SDK, Java Technology Edition, version 8 contains the IBM security implementation. However, version 11 of the IBM Semeru Runtime™ Open Edition and IBM Semeru Runtime™ Certified Edition contain the OpenJDK security implementation. Differences between these implementations might require code changes to your applications.

OpenJDK contains a Java cryptographic implementation that includes TLS v1.3 since JDK11. This protocol is enabled by default and contains significant differences to earlier TLS implementations. For more information about TLS v1.3, including which algorithms are no longer allowed, see JEP 332.

IBM Semeru Runtimes can utilize OpenSSL to enhance cryptographic acceleration. When installing the software on Mac® and Windows® platforms, a pre-packaged version of OpenSSL is automatically installed on your system and used by default. However, for other platforms, you must manually install OpenSSL versions 1.1.X or 3.X. If the library cannot be located on the system path, different cryptographic JCE providers will revert to using the OpenJDK implementations, which might not deliver the same level of performance as their OpenSSL algorithm equivalents.

The security certificates aolrootca1 and aolrootca2 that were present in IBM SDK, Java Technology Edition, V8 are no longer included.

Note: IBM Semeru Runtimes can leverage FIPS 140-3 capabilities for production workloads. Starting with versions 8.0.352, 11.0.16, and 17.0.4, IBM Semeru Runtimes includes FIPS support, by using the NSS library in Red Hat Enterprise Linux 8 or later. For more information, see FIPS certified cryptography in IBM Semeru Runtimes FIPS.

IBM Semeru Runtime Certified Edition for z/OS

Information in this security migration guide does not apply for the IBM Semeru Runtime Certified Edition for z/OS. Refer to these resources:

Security providers

The OpenJDK security providers have different names to the IBM Security providers. If your application uses hardcoded IBM provider names, you must update your application code. The following table shows the equivalent OpenJDK provider names, their implementation class, and the Java module in which the class belongs. If you want to learn more about the differences between providers, click the links in the IBM Security provider column.

Also, note that the ikeyman and ikeycmd tools which were available in IBM SDK, Java Technology Edition, version 8, are not available in versions 11 and above of the IBM Semeru Runtimes. Use the Keytool command to perform certificate and key operations.

IBM Security provider OpenJDK/Oracle security provider Implementation class Java module
IBM JSSE2 The SunJSSE provider sun.security.ssl.SunJSSE java.base
IBM JCE
(see Note 1)
The SUN provider sun.security.provider.Sun java.base
The SunEC Provider sun.security.ec.SunEC jdk.crypto.ec
The SunJCE provider com.sun.crypto.provider.SunJCE java.base
The SunRsaSign provider sun.security.rsa.SunRsaSign java.base
IBM JGSS The sunJGSS provider sun.security.jgss.SunProvider java.security.jgss
IBM Certification Path OpenJDK Certification Path sun.security.provider.Sun java.base
IBM SASL The sunSASL provider com.sun.security.sasl.Provider java.security.sasl
IBM JAAS OpenJDK JAAS com.sun.security.auth jdk.security.auth
IBMSecureRandom
(see Note 2)
- - -
XML Digital Signature
(see Note 3)
The XMLDSig provider org.jcp.xml.dsig.internal.dom.XMLDSigRI java.xml.crypto
XML Digital Encryption
(see Note 4)
- - -

Table: IBM security provider to OpenJDK security provider mapping

Notes:

  1. OpenJDK contains an (optional) LGPL native module, which implements part of sun.security.ec.SunEC. For more information, see the file legal/jdk.crypto.ec/ecc.mdd.
  2. OpenJDK does not have an equivalent version of the IBMSecureRandom provider. For alternative functionality, see IBMSecureRandom.
  3. The OpenJDK XML Digital Signature provider and implementation class is identical to the IBM provider (JSR105).
  4. OpenJDK does not implement the Java XML Digital Encryption Specification (JSR 106). If your application uses the IBM security class com.ibm.xml.enc.IBMXMLEncProvider, you must update your application code to remove it.
  5. OpenJDK allows the use of unsigned third-party cryptographic providers.

JSSE provider differences

If your application uses hardcoded IBM provider, protocol, or algorithm names, you must update your application code.

The following table shows some key differences for JSSE:

Aspect of JSSE IBM SDK, Java Technology Edition, version 8 IBM Semeru Runtimes, version 11
IBM JSSE provider com.ibm.jsse2.IBMJSSEProvider2 sun.security.ssl.SunJSSE
IBM HTTPS protocol handler com.ibm.net.ssl.www2.protocol.Handler sun.net.www.protocol.https.Handler
KeyManagerFactory algorithm IbmX509 or NewIbmX509 sunX509 or NewSunX509
TrustManagerFactory algorithm IbmX509 or IbmPKIX SunX509 or SunPKIX

Table: Key differences for JSSE


System properties

The following system properties are no longer supported:

  • com.ibm.jsse2.extended.renegotiation.indicator
  • com.ibm.jsse2.sp800-131
  • com.ibm.jsse2.suiteB
  • com.ibm.jsse2.usefipsprovider=true
  • com.ibm.jsse2.JSSEFIPS

To enable PKIX revocation checking, you should now set the com.sun.net.ssl.checkRevocation system property to true, instead of the com.ibm.jsse2.checkRevocation system property.

If the DHKeySize is not specified in the jdk.tls.disabledAlgorithms property, a minimum DHKeySize is no longer set.


SSL settings

To enable SSLv3, you no longer need to set the system property com.ibm.jsse2.disableSSLv3 to false. However, you still need to remove SSLv3 from jdk.tls.disabledAlgorithms in the java.security file.

SSLContext.getInstance("TLS") now enables TLS versions up to 1.3 with the following implications:

  • When you specify TLS with SSLContext.getInstance("TLS"), TLS versions 1.0, 1.1, 1.2, and 1.3 are now all enabled. By contrast, in previous releases that use the IBM JSSE2 provider, only TLS version 1.0 is enabled.
  • In this release, you can also use SSLContext.getInstance("TLSv1.1") to enable TLS versions 1.0 and 1.1. By contrast, in previous releases that use the IBM JSSE2 provider, only TLS version 1.1 is enabled.

Protocol aliases SSL_TLS and SSL_TLSv2 are no longer supported in this release.


Key managers and key stores

Key managers and key stores are affected in the following ways:

Certificate chain verification now stops when a trusted certificate is reached, with the following implications:

  • The OpenJDK SunX509 KeyManager replaces the IBMX509 KeyManager. When you use the SunX509 KeyManager, it verifies the certificate chain up to the trusted certificate. Verification stops when it reaches a trusted certificate. In contrast, the IBMX509 KeyManager verifies the entire server or client certificate chain, including trusted certificates. For example, if a trusted certificate is expired, then the handshake fails, even though the expired certificate is trusted. This change does not affect the PKIX TrustManager.

KeyManagerFactory no longer searches for key material. When a KeyManager object with a null value is passed to SSLContext, KeyManagerFactory now creates an empty KeyManager. KeyManagerFactory will no longer search files and properties for key material.

X509TrustManager now handles some exceptions differently. Instead of producing an error, X509TrustManager now creates a default TrustManager or KeyManager with an empty KeyStore in the following situations:

  • The TrustStore or KeyStore that is specified by the system properties does not exist.
  • The password is incorrect.
  • The KeyStore type is inappropriate for the KeyStore.

Ciphers, cipher suites, and certificates

Ciphers, cipher suites, and certificates are affected in the following ways:

  • Anonymous cipher suites are now allowed by JSSE TrustManager.
  • Servers with DSA certificates must use specific cipher suites. If the server has a DSA certificate only, then these certificates can only use cipher suites with *_DH*_* in the name. Previously, if the server has a DSA certificate only, and only RSA*
  • The SSL_* or TLS_* prefix in cipher suite names can no longer be used interchangeably. You should update your applications to use the prefix that is specified by OpenJDK. For a complete list of OpenJDK cipher suites, see: SunJSSE Cipher Suites

JCE provider differences

This release contains the OpenJDK JCE provider, instead of the IBM JCE provider. Differences between these implementations might require code changes to your applications.

Some IBM JCE provider functions do not have an equivalent in the OpenJDK providers. Equivalent functions, if available, come from multiple OpenJDK providers as shown in the following table:

OpenJDK providers Functions
SUN CertificateFactory (X.509), KeyStore (PKCS12, JKS, DKS), and MessageDigest (*)
SunEC Elliptic Curve algorithms
SunJCE Diffie-Hellman algorithms, KeyStore (JCEKS), KeyGenerator (*), Mac (*), and SecretKeyFactory (*)
SunRSASign RSA signature algorithms and RSA key generation using KeyFactory or KeyPairGenerator

Table: Equivalent JCE function for OpenJDK providers


Type AlgorithmParameters

IBMJCE algorithm or alias
Equivalent OpenJDK algorithm
(from the SunJCE provider)
AESGCM GCM
3DES DESede 1
Mars None
PBEWithHmacSHA1And128BitAES PBEWithHmacSHA1AndAES_128
PBEWithHmacSHA1And256BitAES PBEWithHmacSHA1AndAES_256
PBEWithHmacSHA224And128BitAES PBEWithHmacSHA224AndAES_128
PBEWithHmacSHA224And256BitAES PBEWithHmacSHA224AndAES_256
PBEWithHmacSHA256And128BitAES PBEWithHmacSHA256AndAES_128
PBEWithHmacSHA256And256BitAES PBEWithHmacSHA256AndAES_256
PBEWithHmacSHA384And128BitAES PBEWithHmacSHA384AndAES_128
PBEWithHmacSHA384And256BitAES PBEWithHmacSHA384AndAES_256
PBEWithHmacSHA512And128BitAES PBEWithHmacSHA512AndAES_128
PBEWithHmacSHA512And256BitAES PBEWithHmacSHA512AndAES_256
PBEWithMD2AndDES None
PBEWithMD2AndRC2 None
PBEWithMD2AndTripleDES
PBEWithMD2And3DES
PBEWithMD2AndDESede
None
PBEWithMD5AndRC2 None
PBEWithSHAAndDES
PBEWithSHA-1AndDES
PBEWithSHA1AndDES
None
PBEWithSHA-1And3DES
PBEWithSHA-1AndDESede
PBEWithSHA-1AndTripleDES
PBEWithSHA1And3DES
PBEWithSHA1AndTripleDES
PBEWithSHAAnd3DES
PBEWithSHAAndDESede
PBEWithSHAAndTripleDES
PBEWithSHA1AndDESede
1.2.840.113549.1.12.1.3
OID.1.2.840.113549.1.12.1.3
PBEWithSHA1AndDESede 2
PBEWithSHAAnd3KeyTripleDES
PBEWithSHAAnd3Key3DES
PBEWithSHAAnd3KeyDESede
PBEWithSHA-1And3Key3DES
PBEWithSHA-1And3KeyDESede
PBEWithSHA-1And3KeyTripleDES
PBEWithSHA1And3Key3DES
PBEWithSHA1And3KeyDESede
PBEWithSHA1And3KeyTripleDES
PBEWithSHA1AndDESede
PBEWithSHAAnd2KeyTripleDES
PBEWithSHAAnd2Key3DES
PBEWithSHAAnd2KeyDESede
PBEWithSHA-1And2Key3DES
PBEWithSHA-1And2KeyDESede
PBEWithSHA-1And2KeyTripleDES
PBEWithSHA1And2Key3DES
PBEWithSHA1And2KeyDESede
PBEWithSHA1And2KeyTripleDES
None
PBEWithSHAAnd40BitRC2
PBEWithSHA-1And40BitRC2
PBEWithSHA1And40BitRC2
PBEWithSHA1AndRC2_40
PBEWithSHAAnd128BitRC2
PBEWithSHA-1And128BitRC2
PBEWithSHA1And128BitRC2
PBEWithSHA1AndRC2_128
PBEWithSHAAnd40BitRC4
PBEWithSHA-1And40BitRC4
PBEWithSHA1And40BitRC4
PBEWithSHA1AndRC4_40
PBEWithSHAAnd128BitRC4
PBEWithSHA-1And128BitRC4
PBEWithSHA1And128BitRC4
PBEWithSHA1AndRC4_128
PBM
1.2.840.113533.7.66.13
OID.1.2.840.113533.7.66.13
PasswordBasedMac
None

Table: Type AlgorithmParameters

Table notes:
  1. Non-standard aliases that are available from the IBMJCE provider are not available from OpenJDK providers. Use a standard algorithm name instead.
  2. The IBMJCE provider maps these object identifiers to PBEWithSHAAnd3KeyTripleDES. The OpenJDK equivalent maps these object identifiers to PBEWithSHA1AndDESede.

Type Cipher

IBMJCE algorithm or alias
Equivalent OpenJDK algorithm
(from the SunJCE provider)
2.16.840.1.102.3.4.1.28
2.16.840.1.101.3.4.1.48
2.16.840.1.101.3.4.1.8
OID.2.16.840.1.102.3.4.1.28
OID.2.16.840.1.101.3.4.1.48
OID.2.16.840.1.101.3.4.1.8
AESWrap 1
ElGamal None
Mars None
PBEWithHmacSHA1And128BitAES PBEWithHmacSHA1AndAES_128
PBEWithHmacSHA1And256BitAES PBEWithHmacSHA1AndAES_256
PBEWithHmacSHA224And128BitAES PBEWithHmacSHA224AndAES_128
PBEWithHmacSHA224And256BitAES PBEWithHmacSHA224AndAES_256
PBEWithHmacSHA256And128BitAES PBEWithHmacSHA256AndAES_128
PBEWithHmacSHA256And256BitAES PBEWithHmacSHA256AndAES_256
PBEWithHmacSHA384And128BitAES PBEWithHmacSHA384AndAES_128
PBEWithHmacSHA384And256BitAES PBEWithHmacSHA384AndAES_256
PBEWithHmacSHA512And128BitAES PBEWithHmacSHA512AndAES_128
PBEWithHmacSHA512And256BitAES PBEWithHmacSHA512AndAES_256
PBEWithMD2AndDES None
PBEWithMD2AndRC2 None
PBEWithMD2AndTripleDES
PBEWithMD2And3DES
PBEWithMD2AndDESede
None
PBEWithMD5AndRC2 None
PBEWithMD5And3DES
PBEWithMD5AndDESede
PBEWithMD5AndTripleDES
PBEWithSHA1AndDES
PBEWithSHA-1AndDES
PBEWithSHAAndDES
OID.1.2.840.113549.1.5.10
None
PBEWithSHA-1And3DES
PBEWithSHA-1AndDESede
PBEWithSHA-1AndTripleDES
PBEWithSHA1And3DES
PBEWithSHA1AndTripleDES
PBEWithSHAAnd3DES
PBEWithSHAAndDESede
PBEWithSHAAndTripleDES
PBEWithSHA1AndDESede
1.2.840.113549.1.12.1.3
OID.1.2.840.113549.1.12.1.3
PBEWithSHA1AndDESede 2
PBEWithSHAAnd3KeyTripleDES
PBEWithSHAAnd3Key3DES
PBEWithSHAAnd3KeyDESede
PBEWithSHA-1And3Key3DES
PBEWithSHA-1And3KeyDESede
PBEWithSHA-1And3KeyTripleDES
PBEWithSHA1And3Key3DES
PBEWithSHA1And3KeyDESede
PBEWithSHA1And3KeyTripleDES
PBEWithSHA1AndDESede
PBEWithSHAAnd2KeyTripleDES
PBEWithSHAAnd2Key3DES
PBEWithSHAAnd2KeyDESede
PBEWithSHA-1And2Key3DES
PBEWithSHA-1And2KeyDESede
PBEWithSHA-1And2KeyTripleDES
PBEWithSHA1And2Key3DES
PBEWithSHA1And2KeyDESede
PBEWithSHA1And2KeyTripleDES
None
PBEWithSHA1AndRC2
PBEWithSHA-1AndRC2
PBEWithSHAAndRC2
OID.1.2.840.113549.1.5.11
None
PBEWithSHAAnd40BitRC2
PBEWithSHA-1And40BitRC2
PBEWithSHA1And40RC2
PBEWithSHA1AndRC2_40
PBEWithSHAAnd128BitRC2
PBEWithSHA-1And128BitRC2
PBEWithSHA1And128BitRC2
PBEWithSHA1AndRC2_128
PBEWithSHAAnd40BitRC4
PBEWithSHA-1And40BitRC4
PBEWithSHA1And40BitRC4
PBEWithSHA1AndRC4_40
PBEWithSHAAnd128BitRC4
PBEWithSHA-1And128BitRC4
PBEWithSHA1And128BitRC4
PBEWithSHA1AndRC4_128
RSAwithNoPad RSA/ECB/NoPadding
RSAforSSL RSA/SSL/PKCS1Padding RSA/ECB/PKCS1Padding
Seal None

Table: Type Cipher

Table notes:
  1. The IBMJCE provider maps these object identifiers to Cipher.AESWrap. The OpenJDK equivalent does not have these object identifiers.
  2. The IBMJCE provider maps these object identifiers to PBEWithSHAAnd3KeyTripleDES. The OpenJDK equivalent maps these object identifiers to PBEWithSHA1AndDESede.

Type KeyFactory

IBMJCE algorithm or alias Equivalent OpenJDK algorithm OpenJDK provider Notes
DSAKeyFactory DSA SUN Non-standard aliases that are available from the IBMJCE provider are not available from OpenJDK providers. Use a standard algorithm name instead.
1.2.840.10045.2.1
OID.1.2.840.10045.2.1
EC SunEC The IBMJCE provider maps these object identifiers to EC. OpenJDK does not have these object identifiers.
1.2.5.8.1.1 1.2.840.113549.1.1.1
OID.1.2.5.8.1.1
OID.1.2.840.113549.1.1.1
RSA SunRsaSign The IBMJCE provider maps these object identifiers to RSA. OpenJDK does not have these object identifiers. Both the IBMJCE provider and the OpenJDK equivalent have object identifiers for 1.2.840.113549.1.1 and OID.1.2.840.113549.1.1.

Table: Type KeyFactory

Type KeyGenerator

IBMJCE algorithm or alias
Equivalent OpenJDK algorithm
(from the SunJCE provider)
2.16.840.1.101.3.4.1
OID.2.16.840.1.101.3.4.1
AES 1
3DES DESede 2
HmacMD2
HMACwithMD2
None
HMACwithMD5 HmacMD5 2
HMACwithSHA1 HmacSHA1 2
HMACwithSHA224 HmacSHA224 2
HMACwithSHA256 HmacSHA256 2
HMACwithSHA384 HmacSHA384 2
HMACwithSHA512 HmacSHA512 2
Mars None
Seal None

Table: Type KeyGenerator

Table notes:
  1. IBMJCE maps these object identifiers to AES. OpenJDK does not have these object identifiers.
  2. Non-standard aliases that are available from the IBMJCE provider are not available from OpenJDK providers. Use a standard algorithm name instead.

Type KeyPairGenerator

IBMJCE algorithm or alias Equivalent OpenJDK algorithm OpenJDK provider Notes
OID.1.3.14.3.2.12 1.3.14.3.2.12 SUN This object identifier maps to KeyPairGenerator.DSA. Alternatively, you can use 1.2.840.10040.4.1 or DSA.
1.2.840.10045.2.1
OID.1.2.840.10045.2.1
EC SunEC The IBMJCE provider maps these object identifiers to EC. OpenJDK does not have these object identifiers.
1.2.5.8.1.1
OID.1.2.5.8.1.1
RSA SunRsaSign IBMJCE maps these object identifiers to RSA. OpenJDK does not have these object identifiers. Both the IBMJCE provider and the OpenJDK equivalent have object identifiers for 1.2.840.113549.1.1 and OID.1.2.840.113549.1.1.

Table: Type KeyPairGenerator

Type KeyStore

IBMJCE algorithm or alias Equivalent OpenJDK algorithm OpenJDK provider Notes
JCERACFKS None
PKCS12
PKCS12KS
PKCS12 SUN The IBM JCE implementation of PKCS12 is the same as the OpenJDK implementation of PKCS12.
PKCS12JarSigner None
PKCS12S2 PKCS12 SUN The IBM JCE implementation of PKCS12S2 is the same as the OpenJDK implementation of PKCS12.

Table: Type KeyStore

Type Mac

IBMJCE algorithm or alias
Equivalent OpenJDK algorithm
(from the SunJCE provider)
AUTH_HMAC_SHA_256_128 None
AUTH_HMAC_SHA_512_256 None
HmacMD2
HMACwithMD2
None
HMACwithMD5 HmacMD5 1
HMACwithSHA1 HmacSHA1 1
HMACwithSHA224 HmacSHA224 1
HMACwithSHA256 HmacSHA256 1
HMACwithSHA384 HmacSHA384 1
HMACwithSHA512 HmacSHA512 1
PBM
1.2.840.113533.7.66.13
OID.1.2.840.113533.7.66.13
PasswordBasedMac
None

Table: Type Mac

Table notes:
  1. Non-standard aliases that are available from the IBMJCE provider are not available from OpenJDK providers. Use a standard algorithm name instead.

Type MessageDigest

IBMJCE algorithm or alias
Equivalent OpenJDK algorithm
(from the SUN provider)
MD4 None
SHA224 SHA-224 1
SHA2
SHA-2
SHA256
SHA-256 1
SHA3
SHA-3
SHA384
SHA-384 1
SHA5
SHA-5
SHA512
SHA-512 1

Table: Type MessageDigest

Table notes:
  1. Non-standard aliases that are available from the IBMJCE provider are not available from OpenJDK providers. Use a standard algorithm name instead.

Type SecretKeyFactory

IBMJCE algorithm or alias
Equivalent OpenJDK algorithm
(from the SunJCE provider)
AES
2.16.840.1.101.3.4.1
OID.2.16.840.1.101.3.4.1
None
3DES DESede 1
Mars None
PBEWithHmacSHA1And128BitAES PBEWithHmacSHA1AndAES_128
PBEWithHmacSHA1And256BitAES PBEWithHmacSHA1AndAES_256
PBEWithHmacSHA224And128BitAES PBEWithHmacSHA224AndAES_128
PBEWithHmacSHA224And256BitAES PBEWithHmacSHA224AndAES_256
PBEWithHmacSHA256And128BitAES PBEWithHmacSHA256AndAES_128
PBEWithHmacSHA256And256BitAES PBEWithHmacSHA256AndAES_256
PBEWithHmacSHA384And128BitAES PBEWithHmacSHA384AndAES_128
PBEWithHmacSHA384And256BitAES PBEWithHmacSHA384AndAES_256
PBEWithHmacSHA512And128BitAES PBEWithHmacSHA512AndAES_128
PBEWithHmacSHA512And256BitAES PBEWithHmacSHA512AndAES_256
PBEWithMD2AndDES None
PBEWithMD2AndRC2 None
PBEWithMD2AndTripleDES
PBEWithMD2And3DES
PBEWithMD2AndDESede
None
PBEWithMD5AndRC2 None
PBEWithMD5And3DES
PBEWithMD5AndDESede
PBEWithMD5AndTripleDES
PBEWithSHAAndDES
PBEWithSHA-1AndDES
PBEWithSHA1AndDES
None
PBEWithSHA-1And3DES
PBEWithSHA-1AndDESede
PBEWithSHA-1AndTripleDES
PBEWithSHA1And3DES
PBEWithSHA1AndTripleDES
PBEWithSHAAnd3DES
PBEWithSHAAndDESede
PBEWithSHAAndTripleDES
PBEWithSHA1AndDESede
1.2.840.113549.1.12.1.3
OID.1.2.840.113549.1.12.1.3
PBEWithSHA1AndDESede 2
PBEWithSHAAnd3KeyTripleDES
PBEWithSHAAnd3Key3DES
PBEWithSHAAnd3KeyDESede
PBEWithSHA-1And3Key3DES
PBEWithSHA-1And3KeyDESede
PBEWithSHA-1And3KeyTripleDES
PBEWithSHA1And3Key3DES
PBEWithSHA1And3KeyDESede
PBEWithSHA1And3KeyTripleDES
PBEWithSHA1AndDESede
PBEWithSHA1AndRC2
PBEWithSHA-1AndRC2
PBEWithSHAAndRC2
None
PBEWithSHAAnd40BitRC2
PBEWithSHA-1And40BitRC2
PBEWithSHA1And40RC2
PBEWithSHA1AndRC2_40
PBEWithSHAAnd128BitRC2
PBEWithSHA-1And128BitRC2
PBEWithSHA1And128BitRC2
PBEWithSHA1AndRC2_128
PBEWithSHAAnd40BitRC4
PBEWithSHA-1And40BitRC4
PBEWithSHA1And40BitRC4
PBEWithSHA1AndRC4_40
PBEWithSHAAnd128BitRC4
PBEWithSHA-1And128BitRC4
PBEWithSHA1And128BitRC4
PBEWithSHA1AndRC4_128
PBKDF1 None
PBKDF2 None
PKCS5Key None
RC2 None
RC4 None
Seal None

Table: Type SecretKeyFactory

Table notes:
  1. Non-standard aliases that are available from the IBMJCE provider are not available from OpenJDK providers. Use a standard algorithm name instead.
  2. The IBMJCE provider maps these object identifiers to PBEWithSHAAnd3KeyTripleDES. The OpenJDK equivalent maps these object identifiers to PBEWithSHA1AndDESede.

Type SecureRandom

IBMJCE algorithm or alias Equivalent OpenJDK algorithm
HASHDRBG DRBG
IBMSecureRandom None
SHA256DRBG
SHA2DRBG
None
SHA512DRBG
SHA5DRBG
None

Table: Type SecureRandom

Type Signature

IBMJCE algorithm or alias Equivalent OpenJDK algorithm OpenJDK provider
DSAforSSL NONEWithDSA 1 SUN
ECDSALforSSL NONEWithECDSA 1 SunEC
1.3.14.3.2.24
MD2/RSA
OID.1.3.14.3.2.24
MD2withRSA 1 SunRsaSign
1.3.14.3.2.25
MD5/RSA
OID.1.3.14.3.2.25
MD2withRSA 1 SunRsaSign
RSAPSS
1.2.840.113549.1.1.10
OID1.2.840.113549.1.1.10
None
RSAforSSL NONEWithRSA 1 Usually SunEC 2
OID.1.3.14.3.2.13
OID.1.3.14.3.2.27
SHA-1withDSA
SHA1withDSA 1 SUN
SHA-1/ECDSA
SHA-1withECDSA
SHA/ECDSA
SHAwithECDSA
SHA1withECDSA 1 SunEC
1.3.14.3.2.26
RSA
SHA/RSA
SHA-1/RSA
SHA1/RSA
SHAwithRSA
SHA-1withRSA
SHA1withRSA 1 SunRsaSign
SHA-2/DSA
SHA-256withDSA
SHA-2withDSA
SHA2/DSA
SHA2withDSA
SHA256withDSA 1 SUN
SHA2/RSA
SHA2withRSA
SHA256withRSA 1 SunRsaSign
SHA2withECDSA
SHA2/ECDSA
SHA256withECDSA 1 SunEC
SHA3withECDSA
SHA3/ECDSA
SHA384withECDSA 1 SunEC
SHA3witRDSA
SHA3/RSA
SHA384withRSA 1 SunRsaSign
SHA5withECDSA
SHA5/ECDSA
SHA512withECDSA 1 SunEC
SHA5withRSA
SHA5/RSA
SHA512withRSA 1 SunRsaSign

Table: Type Signature

Table notes:
  1. Non-standard aliases that are available from the IBMJCE provider are not available from OpenJDK providers. Use a standard algorithm name instead.
  2. The NONEWithRSA algorithm is unique in that you supply your own MessageDigest object as the data to be signed. A Signature object that does not compute a message digest is therefore required for a provider to service the algorithm. The OpenJDK java.security.Signature class locates a security provider to service the NONEWithRSA algorithm. If you specify, on your getInstance() call, a particular provider to service the NONEWithRSA algorithm, the java.security.Signature class returns one of the following objects:
    1. An instance of a NONEWithRSA signature object, if the specified provider supports that algorithm
    2. A special NONEWithRSA signature object, if the specified provider supports the RSA/ECB/PKCS1Padding Cipher
    If you do not specify a provider on your getInstance() call, the java.security.Signature class manufactures a NONEWithRSA signature object from an RSA/ECB/PKCS1Padding Cipher object from the first cryptographic provider that offers that cipher algorithm, which is usually SunJCE. The order of preference of providers is determined by the list that is stored in the java.Security class. You can get the list by using the java.Security.getProviders() method.

Keys

The following differences exist for keys:
  • IBM DH KeyPairGenerator and AlgorithmParameterGenerator support key sizes between 256 and 2048 bits, that are a multiple of 64. The OpenJDK equivalents support key sizes between 512 and 2048 bits, that are a multiple of 64.
  • IBM DH KeyPairGenerator defaults to a key size of 1024 bits. The OpenJDK equivalent defaults to 2048 bits.
  • IBM DSA KeyPairGenerator defaults to a key size of 2048 bits. The OpenJDK equivalent defaults to 1024 bits.
  • IBM RSA KeyFactory recognizes the com.ibm.crypto.provider.restrictRSAExponent property. The corresponding OpenJDK RSA KeyFactory recognizes the sun.security.rsa.restrictRSAExponent property.
  • The OpenJDK security implementation does not support RFC5915-encoded EC private keys.
  • Before IBM SDK, Java Technology Edition Version 8, service refresh 1, fix pack 10, the IBM PKCS12S2 keystore type was equivalent to the OpenJDK PKCS12 keystore type, but the IBM PKCS12 keystore type was different. In later fix packs, the IBM PKCS12 and PKCS12S2 keystore types are modified to use a shared implementation. This shared implementation is forwards and backwards compatible with older IBM and older OpenJDK PKCS12 implementations. However, the OpenJDK 11 PKCS12 Keystore type is not compatible with these IBM PKCS12 and PKCS12S2 keystore types.
  • Oracle recommend that you upgrade your keystores to use the OpenJDK 11 PKCS12 keystore type.

Ciphers

IBM RSA Cipher recognizes the com.ibm.crypto.provider.DoRSATypeChecking property. When this property is set, the runtime environment checks that RSA public keys are not used for decryption, and that RSA private keys are not used for encryption. There is no equivalent function in the OpenJDK security implementation.


Mask generation

The IBM and OpenJDK implementations differ in the default mask generation function (MGF1) that is used when performing RSA OAEP operations. The OpenJDK implementation always uses SHA-1 whereas the IBMJCE provider uses a mask generation function that corresponds to the OAEP hash algorithm.


Hardware acceleration

The IBMJCE provider supports hardware acceleration for some ciphers, if hardware acceleration is supported on that platform. The OpenJDK JCE implementation does not have this support.

JGSS provider differences

This release contains the OpenJDK JGSS provider, instead of the IBM JGSS provider.

The following table shows the equivalent functionality in the IBM and OpenJDK JGSS providers.

Attributes and system properties IBM OpenJDK
JGSS provider name IBMJGSSProvider SunJGSS
Package containing the JGSS provider com.ibm.security.jgss sun.security.jgss.SunProvider
Package containing the SPNEGO mechanism com.ibm.security.jgss.mech.spnego
Package containing the Kerberos mechanism com.ibm.security.jgss.mech.krb5
System property javax.security.auth.useSubjectCredsOnly The original purpose of the OpenJDK Java property is extended to facilitate undocumented WebSphere support". No Oracle equivalent
Support for Kerberos utilities (kinit, klist, and ktab) Supported on all platforms. Supported only on Windows platforms. On other platforms, use native Kerberos utilities.
kinit -c FILE Permits only the owner to access the cache file. Permits access to the cache file based on the user's umask value.
LoginModule in the JAAS configuration file com.ibm.security.auth.module.Krb5LoginModule com.sun.security.auth.module.Krb5LoginModule
Initiate/accept configuration declaration in the JAAS configuration file com.ibm.security.jgss.krb5.initiate/accept com.sun.security.jgss.krb5.initiate/accept
KerberosTokenProfile (WSSKrbToken.jar) Available only in version 8, not version 11. Used only by WebSphere Application Server. No Oracle equivalent

Table: Functional differences between IBM and OpenJDK JGSS providers


System properties

The following table shows the equivalent system properties in the IBM and OpenJDK JGSS providers.

IBM OpenJDK
com.ibm.security.jgss.debug,
com.ibm.security.krb5.Krb5Debug
sun.security.krb5.debug sun.security.spnego.debug
com.ibm.security.krb5.acceptor.subkey sun.security.krb5.acceptor.subkey
com.ibm.security.krb5.autodeducerealm sun.security.krb5.autodeducerealm
com.ibm.security.krb5.rcache sun.security.krb5.rcache
com.ibm.security.spnego.msinterop sun.security.spnego.msinterop
com.ibm.security.krb5.msinterop.kstring sun.security.krb5.msinterop.kstring

Table: Differences in system properties between IBM and OpenJDK JGSS providers

The following table shows the system properties that exist only in the IBM JGSS provider, which have no OpenJDK equivalent.

System property IBM
com.ibm.security.jgss.internal.authenticatorControl Used only by WebSphere Application Server. It is not documented for public consumption.
com.ibm.security.jgss.spnegoA8: Yes SPNEGO has RFC 2478 behavior
com.ibm.security.krb5.ignoreConf Ignore Kerberos config file
ibm.security.krb5.msinterop.des.s2kcharset Set charset for string-to-key encoding
javax.security.auth.useAllCreds Used only by WebSphere Application Server. It is not documented for public consumption.
os400.credentials.ebcdic OS400 charset

Table: System properties that exist only in the IBM JGSS provider

JAAS options for Kerberos login

The following table shows the equivalent functionality in the IBM and OpenJDK JGSS providers.

IBM OpenJDK
Initiator credsType = initiator (default) isInitiator = true (default)
Acceptor credsType = acceptor isInitiator = false
Initiator & acceptor credsType = both Not available
Use default ticket cache useDefaultCache = true (default is false)
credsType must be initiator or both

Search sequence:
1. The file cache location specified by system property KRB5CCNAME.

2. <user_home><file_seperator>krb5cc_<user_name>

3. The local security authority (LSA) on Windows platforms
useTicketCache = true (default is false)
ticketCache is not set

Search sequence:
1. On Linux and Solaris platforms, when useTicketCache is set to true, searches /tmp/krb5cc_uid

2. <user_home><file_separator>krb5cc_<user_name>

3. The local security authority (LSA) on Windows platforms
Specify ticket cache useCcache = <URL> useDefaultCache must not be set to true useTicketCache = true
ticketCache = <URL>
Use default keytab useDefaultKeyTab = true (default is false)
credsType must be acceptor or both

Default keytab search sequence:
1. Java property KRB5_KTNAME

2. <default_keytab_name> in libdefaults in the Kerberos configuration file

3. <user_home><file_seperator>krb5.keytab

4. <user_directory><file_seperator>krb5.keytab
useKeyTab = true (default is false)
keyTab is not set

Default keytab search sequence:
1. <default_keytab_name> in libdefaults in the Kerberos configuration file

2. <user_home><file_seperator>krb5.keytab

3. <user_directory><file_seperator>krb5.keytab
Specify keytab useKeytab = <URL>
useDefaultKeyTab  must not be set to true
useKeyTab = true
keyTab = <URL>
Forwardable, proxiable, or renewable TGT forwardable|proxiable|renewable = true (default is false) Not available
Display login module banner moduleBanner = true (default is false) Not available
Store credentials(principals & ticket & key) in shared state storeSharedStateCredentials = true (default is false) Not available
Store user name and password in shared state Not available storePass = true (default is false)
Clear user name and password in shared state Not available clearPass = true (default is false))
Do not prompt for password Not available doNotPrompt = true (default is false)
Store key in principal’s private credentials Not available storeKey = true
Use password saved in shared state useFirstPass = true or tryFirstPass = true (defaults are both false) useFirstPass = true or tryFirstPass = true (defaults are both false)
Renew TGT renewTGT = true (default is false) renewTGT = true (default is false)
Refresh Krb5 configuration file refreshKrb5Config = true (default is false) refreshKrb5Config = true (default is false)
Output debug messages debug = true (default is false) debug = true (default is false)

Table: Comparison between IBM and OpenJDK JGSS provider function for Kerberos login

IBM Certification Path provider differences

This release contains the OpenJDK Certification Path provider, instead of the IBM Certification Path provider. Attributes and system properties that are available in IBM Certification Path (CertPath) provider might not be available, or might have different names, in the OpenJDK providers.

Attributes and system properties IBM OpenJDK
Package containing the CertPath provider com.ibm.security.cert sun.security.provider.certpath
CertPath provider name com.ibm.security.cert.IBMCertPath No separate provider for CertPath. It is incorporated into the OpenJDK provider sun.security.provider.Sun.
System property used to enable CRL Distribution Points extension checking com.ibm.security.enableCRLDP com.sun.security.enableCRLDP
System property used for support of processing both complete CRLs and delta CRLs com.ibm.security.enableDELTACRL, set to true or false
  • True: both delta CRLs and complete CRLs are used, if revocation checking is requested by the caller.
  • False (or not set): only complete CRLs are used.
No OpenJDK equivalent
System property used to define a timeout value for the connection to a certificate's CRL distribution point, or to a URICertStore object com.ibm.security.crls.timeout com.sun.security.crl.timeout
System property used to set the lifetime of entries in the memory cache of an LDAP CertStore ibm.security.certpath.ldap.cache.lifetime No OpenJDK equivalent
System property that determines whether CertPath checks revocation only on the end-entity certificate of the certificate chain, or on all the certificates of the certificate chain except for the trusted root certificate (TrustAnchor) com.ibm.security.onlyCheckRevocationOfEECert No OpenJDK equivalent. However, the same behavior can be specified within the PKIXRevocationChecker class for either IBM or OpenJDK.
Strict CRL validation Supported Not supported
Reverse building Supported Not supported

Table: Functional comparison between IBM and OpenJDK Certification path providers

SASL provider differences

This release contains the OpenJDK SASL provider, instead of the IBM SASL provider. Differences between these providers might require code changes to your applications.

The following table lists IBM SASL classes that are different to equivalent OpenJDK SASL providers.

IBMSASL class OpenJDK SASL class
com.ibm.security.auth.callback.TextCallbackHandler com.sun.security.auth.callback.TextCallbackHandler

Table: Differences for IBM SASL and OpenJDK SASL classes

JAAS provider differences

This release contains the OpenJDK JAAS provider, instead of the IBM JAAS provider. Differences between these providers might require code changes to your applications.


JAAS Active Login

In this release, JAAS Active Login is removed. There is no OpenJDK equivalent.

JAAS equivalent classes

The following table lists IBM JAAS provider classes and equivalent OpenJDK JAAS provider classes.

IBM JAAS provider class Oracle JAAS provider class
com.ibm.security.auth.callback.TextCallbackHandler com.sun.security.auth.callback.TextCallbackHandler
com.ibm.security.auth.login.ConfigFile com.sun.security.auth.login.ConfigFile
com.ibm.security.auth.module.KeyStoreLoginModule com.sun.security.auth.module.KeyStoreLoginModule
com.ibm.security.auth.module.Krb5LoginModule com.sun.security.auth.module.Krb5LoginModule
com.ibm.security.auth.module.LdapLoginModule com.sun.security.auth.module.LdapLoginModule
com.ibm.security.auth.module.NTLoginModule
com.ibm.security.auth.module.NTLiginModule2000
com.ibm.security.auth.module.Win64LoginModule
com.ibm.security.auth.JAASLoginModule
com.sun.security.auth.module.NTLoginModule
com.ibm.security.auth.module.NTSystem
com.ibm.security.auth.module.Win64System
com.sun.security.auth.module.NTSystem
com.ibm.security.auth.module.AIXLoginModule
com.ibm.security.auth.module.AIXLoginModule2000
com.ibm.security.auth.module.AIX64LoginModule
com.ibm.security.auth.module.LinuxLoginModule
com.ibm.security.auth.module.LinuxLoginModule2000
com.ibm.security.auth.JAASLoginModule
com.sun.security.auth.module.UnixLoginModule
com.ibm.security.auth.module.AIXSystem
com.ibm.security.auth.module.AIX64System
com.ibm.security.auth.module.LinuxSystem
com.sun.security.auth.module.UnixSystem
com.ibm.security.auth.LdapPrincipal com.sun.security.auth.LdapPrincipal
com.ibm.security.auth.NTDomainPrincipal
com.ibm.security.auth.DomainPrincipal
com.sun.security.auth.NTDomainPrincipal
com.ibm.security.auth.NTNumericCredential com.sun.security.auth.NTNumericCredential
com.ibm.security.auth.NTSid com.sun.security.auth.NTSid
com.ibm.security.auth.NTSidDomainPrincipal
com.ibm.security.auth.DomainIDPrincipal
com.sun.security.auth.NTSidDomainPrincipal
com.ibm.security.auth.NTSidGroupPrincipal
com.ibm.security.auth.GroupIDPrincipal
com.sun.security.auth.NTSidGroupPrincipal
com.ibm.security.auth.NTSidPrimaryGroupPrincipal
com.ibm.security.auth.PrimaryGroupIDPrincipal
com.sun.security.auth.NTSidPrimaryGroupPrincipal
com.ibm.security.auth.NTSidUserPrincipal
com.ibm.security.auth.UserIDPrincipal
com.sun.security.auth.NTSidUserPrincipal
com.ibm.security.auth.NTUserPrincipal
com.ibm.security.auth.UsernamePrincipal
com.sun.security.auth.NTUserPrincipal
com.ibm.security.auth.PolicyFile com.sun.security.auth.PolicyFile
com.ibm.security.auth.PrincipalComparator com.sun.security.auth.PrincipalComparator
com.ibm.security.auth.AIXNumericGroupPrincipal
com.ibm.security.auth.GroupIDPrincipal
com.ibm.security.auth.PrimaryGroupIDPrincipal
com.ibm.security.auth.LinuxNumericGroupPrincipal
com.sun.security.auth.UnixNumericGroupPrincipal
com.ibm.security.auth.AIXNumericUserPrincipal
com.ibm.security.auth.UserIDPrincipal
com.ibm.security.auth.LinuxNumericUserPrincipal
com.sun.security.auth.UnixNumericUserPrincipal
com.ibm.security.auth.AIXPrincipal
com.ibm.security.auth.UsernamePrincipal
com.ibm.security.auth.LinuxPrincipal
com.sun.security.auth.UnixPrincipal
com.ibm.security.auth.UsernamePrincipal com.sun.security.auth.UserPrincipal
com.ibm.security.auth.X509Principal com.sun.security.auth.X509Principal
com.ibm.security.auth.callback.DiaglogCallbackHandler
com.ibm.security.auth.DomainPrincipal
com.ibm.security.auth.DomainIDPrincipal
com.ibm.security.auth.ServerPrincipal
com.ibm.security.auth.WkstationPrincipal
com.ibm.security.auth.NTSidPrimaryGroupIDPrincipal
com.ibm.security.auth.NumericCredential
com.ibm.security.auth.JAASPrincipal
No Oracle equivalents

Table: Differences for IBM JAAS and OpenJDK JAAS provider classes

IBM SecureRandom provider

The IBMSecureRandom provider is not available in this release. However, most of the functionality is available in the OpenJDK SUN provider.

If your application uses the IBMSecureRandom provider, use the following table to find equivalent OpenJDK SUN functionality.

IBM SecureRandom function Equivalent function in the SUN provider
SecureRandom.SHA1PRNG algorithm SecureRandom.SHA1PRNG algorithm
SecureRandom.IBMSecureRandom algorithm None. Use the default SecureRandom algorithm, or specify a different algorithm if required.
MessageDigest.MD5 and MessageDigest.SHA-1 algorithms MessageDigest.MD5 and MessageDigest.SHA-1 algorithms. The OpenJDK SUN provider also provides matching aliases of SHA and SHA1 for the MessageDigest.SHA-1 algorithm.

Table: IBMSecureRandom equivalent function in the SUN provider

Note for Unix systems: The default seed source for the SecureRandom class in Version 8 was the random number generator /dev/urandom. In Version 11, the default changed to /dev/random, which blocks threads until sufficient entropy is available. This new default might therefore be a slower source of random values.

XML Digital Signature services (JSR105)

This release contains the reference implementation of JSR 105 XML Digital Signature services, which is identical to the IBM implementation provided in IBM SDK, Java Technology Edition, version 8.

The implementation class for the JSR105 XML Digital Signature provider is org.jcp.xml.dsig.internal.dom.XMLDSigRI, which can be found in the java.xml.crypto module.

The IBM implementation is the IBMXMLCrypto provider. If your application uses the IBM security class com.ibm.xml.crypto.IBMXMLCryptoProvider, you must update your application code to use the JSR 105 class instead.

Notice about plans, directions and intent

[{"Line of Business":{"code":"LOB08","label":"Cognitive Systems"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"ARM Category":[],"Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"}],"Version":"11.0.0"},{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSA3RN","label":"IBM Semeru Runtimes"},"ARM Category":[],"Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"}],"Version":"11.0.0"}]

Document Information

Modified date:
11 September 2024

UID

ibm16411285