|
|
32c75a |
commit d41618f34f1d2f5416ec3c035f33dcb15cf5ab99
|
|
|
32c75a |
Author: Alexey Bakhtin <abakhtin@openjdk.org>
|
|
|
32c75a |
Date: Tue Apr 4 10:29:11 2023 +0000
|
|
|
32c75a |
|
|
|
32c75a |
8271199: Mutual TLS handshake fails signing client certificate with custom sensitive PKCS11 key
|
|
|
32c75a |
|
|
|
32c75a |
Reviewed-by: andrew, mbalao
|
|
|
32c75a |
Backport-of: f6232982b91cb2314e96ddbde3984836a810a556
|
|
|
32c75a |
|
|
|
32c75a |
diff --git a/jdk/src/share/classes/sun/security/rsa/RSAPSSSignature.java b/jdk/src/share/classes/sun/security/rsa/RSAPSSSignature.java
|
|
|
32c75a |
index a79e97d7c74..5378446b97b 100644
|
|
|
32c75a |
--- a/jdk/src/share/classes/sun/security/rsa/RSAPSSSignature.java
|
|
|
32c75a |
+++ b/jdk/src/share/classes/sun/security/rsa/RSAPSSSignature.java
|
|
|
32c75a |
@@ -127,12 +127,15 @@ public class RSAPSSSignature extends SignatureSpi {
|
|
|
32c75a |
@Override
|
|
|
32c75a |
protected void engineInitVerify(PublicKey publicKey)
|
|
|
32c75a |
throws InvalidKeyException {
|
|
|
32c75a |
- if (!(publicKey instanceof RSAPublicKey)) {
|
|
|
32c75a |
+ if (publicKey instanceof RSAPublicKey) {
|
|
|
32c75a |
+ RSAPublicKey rsaPubKey = (RSAPublicKey)publicKey;
|
|
|
32c75a |
+ isPublicKeyValid(rsaPubKey);
|
|
|
32c75a |
+ this.pubKey = rsaPubKey;
|
|
|
32c75a |
+ this.privKey = null;
|
|
|
32c75a |
+ resetDigest();
|
|
|
32c75a |
+ } else {
|
|
|
32c75a |
throw new InvalidKeyException("key must be RSAPublicKey");
|
|
|
32c75a |
}
|
|
|
32c75a |
- this.pubKey = (RSAPublicKey) isValid((RSAKey)publicKey);
|
|
|
32c75a |
- this.privKey = null;
|
|
|
32c75a |
- resetDigest();
|
|
|
32c75a |
}
|
|
|
32c75a |
|
|
|
32c75a |
// initialize for signing. See JCA doc
|
|
|
32c75a |
@@ -146,14 +149,17 @@ public class RSAPSSSignature extends SignatureSpi {
|
|
|
32c75a |
@Override
|
|
|
32c75a |
protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
|
|
|
32c75a |
throws InvalidKeyException {
|
|
|
32c75a |
- if (!(privateKey instanceof RSAPrivateKey)) {
|
|
|
32c75a |
+ if (privateKey instanceof RSAPrivateKey) {
|
|
|
32c75a |
+ RSAPrivateKey rsaPrivateKey = (RSAPrivateKey)privateKey;
|
|
|
32c75a |
+ isPrivateKeyValid(rsaPrivateKey);
|
|
|
32c75a |
+ this.privKey = rsaPrivateKey;
|
|
|
32c75a |
+ this.pubKey = null;
|
|
|
32c75a |
+ this.random =
|
|
|
32c75a |
+ (random == null ? JCAUtil.getSecureRandom() : random);
|
|
|
32c75a |
+ resetDigest();
|
|
|
32c75a |
+ } else {
|
|
|
32c75a |
throw new InvalidKeyException("key must be RSAPrivateKey");
|
|
|
32c75a |
}
|
|
|
32c75a |
- this.privKey = (RSAPrivateKey) isValid((RSAKey)privateKey);
|
|
|
32c75a |
- this.pubKey = null;
|
|
|
32c75a |
- this.random =
|
|
|
32c75a |
- (random == null? JCAUtil.getSecureRandom() : random);
|
|
|
32c75a |
- resetDigest();
|
|
|
32c75a |
}
|
|
|
32c75a |
|
|
|
32c75a |
/**
|
|
|
32c75a |
@@ -205,11 +211,57 @@ public class RSAPSSSignature extends SignatureSpi {
|
|
|
32c75a |
}
|
|
|
32c75a |
}
|
|
|
32c75a |
|
|
|
32c75a |
+ /**
|
|
|
32c75a |
+ * Validate the specified RSAPrivateKey
|
|
|
32c75a |
+ */
|
|
|
32c75a |
+ private void isPrivateKeyValid(RSAPrivateKey prKey) throws InvalidKeyException {
|
|
|
32c75a |
+ try {
|
|
|
32c75a |
+ if (prKey instanceof RSAPrivateCrtKey) {
|
|
|
32c75a |
+ RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey)prKey;
|
|
|
32c75a |
+ if (RSAPrivateCrtKeyImpl.checkComponents(crtKey)) {
|
|
|
32c75a |
+ RSAKeyFactory.checkRSAProviderKeyLengths(
|
|
|
32c75a |
+ crtKey.getModulus().bitLength(),
|
|
|
32c75a |
+ crtKey.getPublicExponent());
|
|
|
32c75a |
+ } else {
|
|
|
32c75a |
+ throw new InvalidKeyException(
|
|
|
32c75a |
+ "Some of the CRT-specific components are not available");
|
|
|
32c75a |
+ }
|
|
|
32c75a |
+ } else {
|
|
|
32c75a |
+ RSAKeyFactory.checkRSAProviderKeyLengths(
|
|
|
32c75a |
+ prKey.getModulus().bitLength(),
|
|
|
32c75a |
+ null);
|
|
|
32c75a |
+ }
|
|
|
32c75a |
+ } catch (InvalidKeyException ikEx) {
|
|
|
32c75a |
+ throw ikEx;
|
|
|
32c75a |
+ } catch (Exception e) {
|
|
|
32c75a |
+ throw new InvalidKeyException(
|
|
|
32c75a |
+ "Can not access private key components", e);
|
|
|
32c75a |
+ }
|
|
|
32c75a |
+ isValid(prKey);
|
|
|
32c75a |
+ }
|
|
|
32c75a |
+
|
|
|
32c75a |
+ /**
|
|
|
32c75a |
+ * Validate the specified RSAPublicKey
|
|
|
32c75a |
+ */
|
|
|
32c75a |
+ private void isPublicKeyValid(RSAPublicKey pKey) throws InvalidKeyException {
|
|
|
32c75a |
+ try {
|
|
|
32c75a |
+ RSAKeyFactory.checkRSAProviderKeyLengths(
|
|
|
32c75a |
+ pKey.getModulus().bitLength(),
|
|
|
32c75a |
+ pKey.getPublicExponent());
|
|
|
32c75a |
+ } catch (InvalidKeyException ikEx) {
|
|
|
32c75a |
+ throw ikEx;
|
|
|
32c75a |
+ } catch (Exception e) {
|
|
|
32c75a |
+ throw new InvalidKeyException(
|
|
|
32c75a |
+ "Can not access public key components", e);
|
|
|
32c75a |
+ }
|
|
|
32c75a |
+ isValid(pKey);
|
|
|
32c75a |
+ }
|
|
|
32c75a |
+
|
|
|
32c75a |
/**
|
|
|
32c75a |
* Validate the specified RSAKey and its associated parameters against
|
|
|
32c75a |
* internal signature parameters.
|
|
|
32c75a |
*/
|
|
|
32c75a |
- private RSAKey isValid(RSAKey rsaKey) throws InvalidKeyException {
|
|
|
32c75a |
+ private void isValid(RSAKey rsaKey) throws InvalidKeyException {
|
|
|
32c75a |
try {
|
|
|
32c75a |
AlgorithmParameterSpec keyParams = rsaKey.getParams();
|
|
|
32c75a |
// validate key parameters
|
|
|
32c75a |
@@ -227,7 +279,6 @@ public class RSAPSSSignature extends SignatureSpi {
|
|
|
32c75a |
}
|
|
|
32c75a |
checkKeyLength(rsaKey, hLen, this.sigParams.getSaltLength());
|
|
|
32c75a |
}
|
|
|
32c75a |
- return rsaKey;
|
|
|
32c75a |
} catch (SignatureException e) {
|
|
|
32c75a |
throw new InvalidKeyException(e);
|
|
|
32c75a |
}
|
|
|
32c75a |
diff --git a/jdk/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java b/jdk/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java
|
|
|
32c75a |
index 6b219937981..b3c1fae9672 100644
|
|
|
32c75a |
--- a/jdk/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java
|
|
|
32c75a |
+++ b/jdk/src/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java
|
|
|
32c75a |
@@ -80,22 +80,28 @@ public final class RSAPrivateCrtKeyImpl
|
|
|
32c75a |
RSAPrivateCrtKeyImpl key = new RSAPrivateCrtKeyImpl(encoded);
|
|
|
32c75a |
// check all CRT-specific components are available, if any one
|
|
|
32c75a |
// missing, return a non-CRT key instead
|
|
|
32c75a |
- if ((key.getPublicExponent().signum() == 0) ||
|
|
|
32c75a |
- (key.getPrimeExponentP().signum() == 0) ||
|
|
|
32c75a |
- (key.getPrimeExponentQ().signum() == 0) ||
|
|
|
32c75a |
- (key.getPrimeP().signum() == 0) ||
|
|
|
32c75a |
- (key.getPrimeQ().signum() == 0) ||
|
|
|
32c75a |
- (key.getCrtCoefficient().signum() == 0)) {
|
|
|
32c75a |
+ if (checkComponents(key)) {
|
|
|
32c75a |
+ return key;
|
|
|
32c75a |
+ } else {
|
|
|
32c75a |
return new RSAPrivateKeyImpl(
|
|
|
32c75a |
key.algid,
|
|
|
32c75a |
key.getModulus(),
|
|
|
32c75a |
- key.getPrivateExponent()
|
|
|
32c75a |
- );
|
|
|
32c75a |
- } else {
|
|
|
32c75a |
- return key;
|
|
|
32c75a |
+ key.getPrivateExponent());
|
|
|
32c75a |
}
|
|
|
32c75a |
}
|
|
|
32c75a |
|
|
|
32c75a |
+ /**
|
|
|
32c75a |
+ * Validate if all CRT-specific components are available.
|
|
|
32c75a |
+ */
|
|
|
32c75a |
+ static boolean checkComponents(RSAPrivateCrtKey key) {
|
|
|
32c75a |
+ return !((key.getPublicExponent().signum() == 0) ||
|
|
|
32c75a |
+ (key.getPrimeExponentP().signum() == 0) ||
|
|
|
32c75a |
+ (key.getPrimeExponentQ().signum() == 0) ||
|
|
|
32c75a |
+ (key.getPrimeP().signum() == 0) ||
|
|
|
32c75a |
+ (key.getPrimeQ().signum() == 0) ||
|
|
|
32c75a |
+ (key.getCrtCoefficient().signum() == 0));
|
|
|
32c75a |
+ }
|
|
|
32c75a |
+
|
|
|
32c75a |
/**
|
|
|
32c75a |
* Generate a new key from the specified type and components.
|
|
|
32c75a |
* Returns a CRT key if possible and a non-CRT key otherwise.
|