8226651: Setting the mgfHash in CK_RSA_PKCS_PSS_PARAMS has no effect

Fixed to get the MGF digest algorithm from MGF1ParameterSpec

Reviewed-by: xuelei
This commit is contained in:
Valerie Peng 2019-06-28 19:36:32 +00:00
parent bb9049d3c1
commit 1e0c8e5b26
5 changed files with 69 additions and 60 deletions

View File

@ -395,33 +395,49 @@ final class P11PSSSignature extends SignatureSpi {
("Unsupported digest algorithm in Signature parameters: " +
digestAlgorithm);
}
if (!(params.getMGFAlgorithm().equalsIgnoreCase("MGF1"))) {
throw new InvalidAlgorithmParameterException("Only supports MGF1");
}
// defaults to the digest algorithm unless overridden
String mgfDigestAlgo = digestAlgorithm;
AlgorithmParameterSpec mgfParams = params.getMGFParameters();
if (mgfParams != null) {
if (!(mgfParams instanceof MGF1ParameterSpec)) {
throw new InvalidAlgorithmParameterException
("Only MGF1ParameterSpec is supported");
}
mgfDigestAlgo = ((MGF1ParameterSpec)mgfParams).getDigestAlgorithm();
}
if (params.getTrailerField() != PSSParameterSpec.TRAILER_FIELD_BC) {
throw new InvalidAlgorithmParameterException
("Only supports TrailerFieldBC(1)");
}
int saltLen = params.getSaltLength();
if (this.p11Key != null) {
int maxSaltLen = ((this.p11Key.length() + 7) >> 3) - digestLen.intValue() - 2;
int maxSaltLen = ((this.p11Key.length() + 7) >> 3) -
digestLen.intValue() - 2;
if (DEBUG) {
System.out.println("Max saltLen = " + maxSaltLen);
System.out.println("Curr saltLen = " + saltLen);
}
if (maxSaltLen < 0 || saltLen > maxSaltLen) {
throw new InvalidAlgorithmParameterException("Invalid with current key size");
throw new InvalidAlgorithmParameterException
("Invalid with current key size");
}
} else {
if (DEBUG) System.out.println("No key available for validating saltLen");
} else if (DEBUG) {
System.out.println("No key available for validating saltLen");
}
// validated, now try to store the parameter internally
try {
this.mechanism.setParameter(
new CK_RSA_PKCS_PSS_PARAMS(digestAlgorithm, "MGF1",
digestAlgorithm, saltLen));
mgfDigestAlgo, saltLen));
this.sigParams = params;
} catch (IllegalArgumentException iae) {
throw new InvalidAlgorithmParameterException(iae);

View File

@ -57,7 +57,7 @@ public class CK_RSA_PKCS_PSS_PARAMS {
throw new ProviderException("Only MGF1 is supported");
}
// no dash in PKCS#11 mechanism names
this.mgf = Functions.getMGFId("CKG_MGF1_" + hashAlg.replaceFirst("-", ""));
this.mgf = Functions.getMGFId("CKG_MGF1_" + mgfHash.replaceFirst("-", ""));
this.sLen = sLen;
}

View File

@ -26,7 +26,7 @@ import java.security.spec.*;
/**
* @test
* @bug 8080462
* @bug 8080462 8226651
* @summary Ensure that PSS key and params check are implemented properly
* regardless of call sequence
* @library /test/lib ..
@ -57,12 +57,19 @@ public class KeyAndParamCheckForPSS extends PKCS11Test {
}
// NOTE: key length >= (digest length + 2) in bytes
// otherwise, even salt length = 0 would not work
runTest(p, 1024, "SHA-384");
runTest(p, 1040, "SHA-512");
runTest(p, 1024, "SHA-256", "SHA-256");
runTest(p, 1024, "SHA-256", "SHA-384");
runTest(p, 1024, "SHA-256", "SHA-512");
runTest(p, 1024, "SHA-384", "SHA-256");
runTest(p, 1024, "SHA-384", "SHA-384");
runTest(p, 1024, "SHA-384", "SHA-512");
runTest(p, 1040, "SHA-512", "SHA-256");
runTest(p, 1040, "SHA-512", "SHA-384");
runTest(p, 1040, "SHA-512", "SHA-512");
}
private void runTest(Provider p, int keySize, String hashAlg)
throws Exception {
private void runTest(Provider p, int keySize, String hashAlg,
String mgfHashAlg) throws Exception {
System.out.println("Testing [" + keySize + " " + hashAlg + "]");
// create a key pair with the supplied size
@ -72,9 +79,9 @@ public class KeyAndParamCheckForPSS extends PKCS11Test {
int bigSaltLen = keySize/8 - 14;
AlgorithmParameterSpec paramsBad = new PSSParameterSpec(hashAlg,
"MGF1", new MGF1ParameterSpec(hashAlg), bigSaltLen, 1);
"MGF1", new MGF1ParameterSpec(mgfHashAlg), bigSaltLen, 1);
AlgorithmParameterSpec paramsGood = new PSSParameterSpec(hashAlg,
"MGF1", new MGF1ParameterSpec(hashAlg), 0, 1);
"MGF1", new MGF1ParameterSpec(mgfHashAlg), 0, 1);
PrivateKey priv = kp.getPrivate();
PublicKey pub = kp.getPublic();

View File

@ -27,7 +27,7 @@ import java.security.interfaces.*;
/*
* @test
* @bug 8080462
* @bug 8080462 8226651
* @summary testing interoperability of PSS signatures of PKCS11 provider
* against SunRsaSign provider
* @library /test/lib ..
@ -64,42 +64,31 @@ public class SigInteropPSS extends PKCS11Test {
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
kpg.initialize(3072);
KeyPair kp = kpg.generateKeyPair();
boolean status;
try {
status = runTest(sigSunRsaSign, sigPkcs11, kp);
status &= runTest(sigPkcs11, sigSunRsaSign, kp);
} catch (Exception e) {
System.out.println("Unexpected exception: " + e);
e.printStackTrace(System.out);
status = false;
}
if (!status) {
throw new RuntimeException("One or more test failed");
}
runTest(sigSunRsaSign, sigPkcs11, kp);
runTest(sigPkcs11, sigSunRsaSign, kp);
System.out.println("Test passed");
}
static boolean runTest(Signature signer, Signature verifier, KeyPair kp) throws Exception {
static void runTest(Signature signer, Signature verifier, KeyPair kp)
throws Exception {
System.out.println("\tSign using " + signer.getProvider().getName());
System.out.println("\tVerify using " + verifier.getProvider().getName());
boolean status;
for (String digestAlg : DIGESTS) {
System.out.println("\tDigest = " + digestAlg);
PSSParameterSpec params = new PSSParameterSpec(digestAlg, "MGF1",
new MGF1ParameterSpec(digestAlg), 0, 1);
try {
for (String hash : DIGESTS) {
for (String mgfHash : DIGESTS) {
System.out.println("\tDigest = " + hash);
System.out.println("\tMGF = MGF1_" + mgfHash);
PSSParameterSpec params = new PSSParameterSpec(hash, "MGF1",
new MGF1ParameterSpec(mgfHash), 0, 1);
signer.setParameter(params);
signer.initSign(kp.getPrivate());
verifier.setParameter(params);
verifier.initVerify(kp.getPublic());
} catch (Exception e) {
System.out.println("\tERROR: unexpected ex during init" + e);
status = false;
continue;
}
try {
signer.update(MSG);
byte[] sigBytes = signer.sign();
verifier.update(MSG);
@ -107,15 +96,9 @@ public class SigInteropPSS extends PKCS11Test {
if (isValid) {
System.out.println("\tPSS Signature verified");
} else {
System.out.println("\tERROR verifying PSS Signature");
status = false;
}
} catch (Exception e) {
System.out.println("\tERROR: unexpected ex" + e);
e.printStackTrace();
status = false;
throw new RuntimeException("ERROR verifying PSS Signature");
}
}
}
return true;
}
}

View File

@ -27,7 +27,7 @@ import java.util.stream.IntStream;
/**
* @test
* @bug 8080462
* @bug 8080462 8226651
* @summary Generate a RSASSA-PSS signature and verify it using PKCS11 provider
* @library /test/lib ..
* @modules jdk.crypto.cryptoki
@ -86,18 +86,20 @@ public class SignatureTestPSS extends PKCS11Test {
test(DIGESTS, kpair.getPrivate(), kpair.getPublic(), data);
}
private void test(String[] testAlgs, PrivateKey privKey,
private void test(String[] digestAlgs, PrivateKey privKey,
PublicKey pubKey, byte[] data) throws RuntimeException {
// For signature algorithm, create and verify a signature
for (String testAlg : testAlgs) {
for (String hash : digestAlgs) {
for (String mgfHash : digestAlgs) {
try {
checkSignature(data, pubKey, privKey, testAlg);
checkSignature(data, pubKey, privKey, hash, mgfHash);
} catch (NoSuchAlgorithmException | InvalidKeyException |
SignatureException | NoSuchProviderException ex) {
throw new RuntimeException(ex);
} catch (InvalidAlgorithmParameterException ex2) {
System.out.println("Skip test due to " + ex2);
}
}
};
}
@ -109,13 +111,14 @@ public class SignatureTestPSS extends PKCS11Test {
}
private void checkSignature(byte[] data, PublicKey pub,
PrivateKey priv, String mdAlg) throws NoSuchAlgorithmException,
InvalidKeyException, SignatureException, NoSuchProviderException,
PrivateKey priv, String hash, String mgfHash)
throws NoSuchAlgorithmException, InvalidKeyException,
SignatureException, NoSuchProviderException,
InvalidAlgorithmParameterException {
System.out.println("Testing against " + mdAlg);
System.out.println("Testing against " + hash + " and MGF1_" + mgfHash);
Signature sig = Signature.getInstance(SIGALG, prov);
AlgorithmParameterSpec params = new PSSParameterSpec(
mdAlg, "MGF1", new MGF1ParameterSpec(mdAlg), 0, 1);
hash, "MGF1", new MGF1ParameterSpec(mgfHash), 0, 1);
sig.setParameter(params);
sig.initSign(priv);
for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {