-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key #4887
Conversation
…ustom sensitive PKCS11 key
👋 Welcome back abakhtin! A progress list of the required criteria for merging this PR into |
@alexeybakhtin The following label will be automatically applied to this pull request:
When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command. |
Webrevs
|
@alexeybakhtin This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration! |
Gentle ping |
@alexeybakhtin This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration! |
Hey,
Is this fix is planned for OpenJDK 8u312? |
|
Hi @yarix, thanks for making a comment in an OpenJDK project! All comments and discussions in the OpenJDK Community must be made available under the OpenJDK Terms of Use. If you already are an OpenJDK Author, Committer or Reviewer, please click here to open a new issue so that we can record that fact. Please Use "Add GitHub user yarix for the summary. If you are not an OpenJDK Author, Committer or Reviewer, simply check the box below to accept the OpenJDK Terms of Use for your comments.
Your comment will be automatically restored once you have accepted the OpenJDK Terms of Use. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a good catch. Thank you for the fix.
if (rsaKey.getModulus().signum() == 0 || | ||
(rsaKey instanceof RSAPrivateKey rsaPrKey && | ||
(rsaPrKey.getPrivateExponent().signum() == 0 || | ||
(rsaPrKey instanceof RSAPrivateCrtKey crtKey && | ||
(crtKey.getPrimeP().signum() == 0 || | ||
crtKey.getPrimeQ().signum() == 0 || | ||
crtKey.getPrimeExponentP().signum() == 0 || | ||
crtKey.getPrimeExponentQ().signum() == 0 || | ||
crtKey.getCrtCoefficient().signum() == 0 || | ||
crtKey.getPublicExponent().signum() == 0 )))) || | ||
(rsaKey instanceof RSAPublicKey rsaPubKey && | ||
rsaPubKey.getPublicExponent().signum() == 0)) { | ||
throw new InvalidKeyException("Invalid key attributes"); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's the motivation to check the signum?
crtKey.getPrimeExponentQ().signum() == 0 || | ||
crtKey.getCrtCoefficient().signum() == 0 || | ||
crtKey.getPublicExponent().signum() == 0 )))) || | ||
(rsaKey instanceof RSAPublicKey rsaPubKey && |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mixing the public key and private key together in one method may be not straightforward enough to logics like this update. What do you think it we have two isvalid() method, one for private key and one for public key?
crtKey.getPublicExponent().signum() == 0 )))) || | ||
(rsaKey instanceof RSAPublicKey rsaPubKey && | ||
rsaPubKey.getPublicExponent().signum() == 0)) { | ||
throw new InvalidKeyException("Invalid key attributes"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The exception description may be confusing to users. I'm not sure if the checking could be simplified and make this exception message better matching the problems.
Hi @XueleiFan ! |
@@ -123,12 +123,13 @@ public RSAPSSSignature() { | |||
@Override | |||
protected void engineInitVerify(PublicKey publicKey) | |||
throws InvalidKeyException { | |||
if (!(publicKey instanceof RSAPublicKey)) { | |||
if (publicKey instanceof RSAPublicKey rsaPubKey) { | |||
this.pubKey = (RSAPublicKey) isPublicKeyValid(rsaPubKey); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it possible to have the isPublicKeyValid() returning RSAPublicKey, or void, so as to avoid the casting? Same comment for the isValid() method and the isPrivateKeyValid() method.
(key.getCrtCoefficient().signum() == 0)) { | ||
try { | ||
return isValid(key); | ||
} catch (InvalidKeyException ikEx) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It might be an uncommon use of the exception. Exception creation and catching are expensive. It is not good for performance to recover from exception. I know there are a lot of code recovering from exception. But if it is possible, we may want to try avoid it in new code. Maybe, the isValid() could return a boolean value instead.
Thank you for review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changes look fine. Have you run through all security regression tests besides those under sun/security/rsa?
@alexeybakhtin This change now passes all automated pre-integration checks. ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details. After integration, the commit message for the final commit will be:
You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 1060 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details. As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@XueleiFan, @valeriepeng) but any other Committer may sponsor as well. ➡️ To flag this PR as ready for integration with the above commit message, type |
* Validate the specified RSAPrivateKey | ||
*/ | ||
private void isPrivateKeyValid(RSAPrivateKey prKey) throws InvalidKeyException { | ||
InvalidKeyException ikException = null; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If I read the code correct, by define a local variable, it looks like you are trying to avoid to re-throw the exception in the catch clause. But this style adds additional effort to read the code. Exception re-throw should be fine as if the exception has been generated and will be thrown in the end of the method.
crtKey.getModulus().bitLength(), | ||
crtKey.getPublicExponent()); | ||
} else { | ||
ikException = new InvalidKeyException( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See above comment, I will just throw the exception, rather than cache it.
Agree, It looks less readable. Just tried to avoid rethrowing the exception. Reverted back to the original version. |
Hi @valeriepeng, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks good to me. Please make sure to run all security regression tests. Thank you!
Thank you all. :jdk_security tests passed without regression |
/integrate |
@alexeybakhtin |
/sponsor |
Going to push as commit f623298.
Your commit was automatically rebased without conflicts. |
@yan-too @alexeybakhtin Pushed as commit f623298. 💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored. |
Is there any chance to get this back-ported to 11u? I saw the instructions for fix approvals on https://wiki.openjdk.java.net/display/JDKUpdates/JDK11u however I'm not a contributor/author. Is there any means of showing interest or upvoting etc.? |
Hi, Thanks |
Hi @mbonato @BenEfrati |
Hello,
Could you please review the small patch for the issue described in JDK-8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key
I suggest updating the RSAPSSSignature.isValid() method to verify if provided key components can be applied to SunRSASign implementation.
If not applied, implementation can try to select signer from other providers
Regards
Alexey
Progress
Issue
Reviewers
Reviewing
Using
git
Checkout this PR locally:
$ git fetch https://git.openjdk.java.net/jdk pull/4887/head:pull/4887
$ git checkout pull/4887
Update a local copy of the PR:
$ git checkout pull/4887
$ git pull https://git.openjdk.java.net/jdk pull/4887/head
Using Skara CLI tools
Checkout this PR locally:
$ git pr checkout 4887
View PR using the GUI difftool:
$ git pr show -t 4887
Using diff file
Download this PR as a diff file:
https://git.openjdk.java.net/jdk/pull/4887.diff