8185292: Stricter key generation

Reviewed-by: mullan
This commit is contained in:
Adam Petcher 2017-10-24 09:58:27 -04:00
parent bb586d9974
commit 91a1005273
7 changed files with 52 additions and 8 deletions
src
java.base/share
classes/com/sun/crypto/provider
lib/security
jdk.crypto.cryptoki/share/classes/sun/security/pkcs11
test/jdk
com/sun/crypto/provider/KeyAgreement
sun/security/pkcs11/KeyAgreement

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,11 +28,13 @@ package com.sun.crypto.provider;
import java.util.*;
import java.lang.*;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.PrivilegedAction;
import java.security.ProviderException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
@ -60,6 +62,17 @@ extends KeyAgreementSpi {
private BigInteger x = BigInteger.ZERO; // the private value
private BigInteger y = BigInteger.ZERO;
private static class AllowKDF {
private static final boolean VALUE = getValue();
private static boolean getValue() {
return AccessController.doPrivileged(
(PrivilegedAction<Boolean>)
() -> Boolean.getBoolean("jdk.crypto.KeyAgreement.legacyKDF"));
}
}
/**
* Empty constructor
*/
@ -367,6 +380,14 @@ extends KeyAgreementSpi {
if (algorithm == null) {
throw new NoSuchAlgorithmException("null algorithm");
}
if (!algorithm.equalsIgnoreCase("TlsPremasterSecret") &&
!AllowKDF.VALUE) {
throw new NoSuchAlgorithmException("Unsupported secret key "
+ "algorithm: " + algorithm);
}
byte[] secret = engineGenerateSecret();
if (algorithm.equalsIgnoreCase("DES")) {
// DES

@ -124,6 +124,7 @@ grant codeBase "jrt:/jdk.crypto.cryptoki" {
permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "jdk.crypto.KeyAgreement.legacyKDF", "read";
permission java.security.SecurityPermission "putProviderProperty.*";
permission java.security.SecurityPermission "clearProviderProperties.*";
permission java.security.SecurityPermission "removeProviderProperty.*";

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -69,6 +69,17 @@ final class P11KeyAgreement extends KeyAgreementSpi {
// KeyAgreement from SunJCE as fallback for > 2 party agreement
private KeyAgreement multiPartyAgreement;
private static class AllowKDF {
private static final boolean VALUE = getValue();
private static boolean getValue() {
return AccessController.doPrivileged(
(PrivilegedAction<Boolean>)
() -> Boolean.getBoolean("jdk.crypto.KeyAgreement.legacyKDF"));
}
}
P11KeyAgreement(Token token, String algorithm, long mechanism) {
super();
this.token = token;
@ -260,6 +271,7 @@ final class P11KeyAgreement extends KeyAgreementSpi {
if (algorithm == null) {
throw new NoSuchAlgorithmException("Algorithm must not be null");
}
if (algorithm.equals("TlsPremasterSecret")) {
// For now, only perform native derivation for TlsPremasterSecret
// as that is required for FIPS compliance.
@ -268,6 +280,14 @@ final class P11KeyAgreement extends KeyAgreementSpi {
// (bug not yet filed).
return nativeGenerateSecret(algorithm);
}
if (!algorithm.equalsIgnoreCase("TlsPremasterSecret") &&
!AllowKDF.VALUE) {
throw new NoSuchAlgorithmException("Unsupported secret key "
+ "algorithm: " + algorithm);
}
byte[] secret = engineGenerateSecret();
// Maintain compatibility for SunJCE:
// verify secret length is sensible for algorithm / truncate

@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,6 +27,7 @@
* @summary Verify that DHKeyAgreement can generate secret key
* objects for AES algorithm
* @author Valerie Peng
* @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true DHGenSecretKey
*/
import java.security.*;
import java.security.interfaces.*;

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,6 +26,7 @@
* @bug 7146728
* @summary DHKeyAgreement2
* @author Jan Luehe
* @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true DHKeyAgreement2
*/
import java.io.*;

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,7 +26,7 @@
* @bug 8048819
* @summary This test stressful verifies the assertion of "The secret keys generated
* by all involved parties should be the same." for javax.crypto.KeyAgreement
* @run main SameDHKeyStressTest
* @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true SameDHKeyStressTest
*/
import java.security.AlgorithmParameterGenerator;
import java.security.InvalidAlgorithmParameterException;

@ -28,8 +28,8 @@
* @author Andreas Sterbenz
* @library ..
* @modules jdk.crypto.cryptoki
* @run main/othervm TestDH
* @run main/othervm TestDH sm
* @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true TestDH
* @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true TestDH sm
*/
import java.security.KeyPair;