8226651: Setting the mgfHash in CK_RSA_PKCS_PSS_PARAMS has no effect
authorvaleriep
Fri, 28 Jun 2019 19:36:32 +0000
changeset 55530 6aa047de311b
parent 55529 33766821f738
child 55531 c868b89c7dd9
8226651: Setting the mgfHash in CK_RSA_PKCS_PSS_PARAMS has no effect Summary: Fixed to get the MGF digest algorithm from MGF1ParameterSpec Reviewed-by: xuelei
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java
src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/CK_RSA_PKCS_PSS_PARAMS.java
test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java
test/jdk/sun/security/pkcs11/Signature/SigInteropPSS.java
test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java	Fri Jun 28 08:48:17 2019 -0700
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java	Fri Jun 28 19:36:32 2019 +0000
@@ -395,33 +395,49 @@
                 ("Unsupported digest algorithm in Signature parameters: " +
                  digestAlgorithm);
         }
+
         if (!(params.getMGFAlgorithm().equalsIgnoreCase("MGF1"))) {
             throw new InvalidAlgorithmParameterException("Only supports MGF1");
         }
+
+        // defaults to the digest algorithm unless overridden
+        String mgfDigestAlgo = digestAlgorithm;
+        AlgorithmParameterSpec mgfParams = params.getMGFParameters();
+        if (mgfParams != null) {
+            if (!(mgfParams instanceof MGF1ParameterSpec)) {
+                throw new InvalidAlgorithmParameterException
+                        ("Only MGF1ParameterSpec is supported");
+            }
+            mgfDigestAlgo = ((MGF1ParameterSpec)mgfParams).getDigestAlgorithm();
+        }
+
         if (params.getTrailerField() != PSSParameterSpec.TRAILER_FIELD_BC) {
             throw new InvalidAlgorithmParameterException
                 ("Only supports TrailerFieldBC(1)");
         }
+
         int saltLen = params.getSaltLength();
         if (this.p11Key != null) {
-            int maxSaltLen = ((this.p11Key.length() + 7) >> 3) - digestLen.intValue() - 2;
+            int maxSaltLen = ((this.p11Key.length() + 7) >> 3) -
+                    digestLen.intValue() - 2;
 
             if (DEBUG) {
                 System.out.println("Max saltLen = " + maxSaltLen);
                 System.out.println("Curr saltLen = " + saltLen);
             }
             if (maxSaltLen < 0 || saltLen > maxSaltLen) {
-                throw new InvalidAlgorithmParameterException("Invalid with current key size");
+                throw new InvalidAlgorithmParameterException
+                        ("Invalid with current key size");
             }
-        } else {
-            if (DEBUG) System.out.println("No key available for validating saltLen");
+        } else if (DEBUG) {
+            System.out.println("No key available for validating saltLen");
         }
 
         // validated, now try to store the parameter internally
         try {
             this.mechanism.setParameter(
                     new CK_RSA_PKCS_PSS_PARAMS(digestAlgorithm, "MGF1",
-                        digestAlgorithm, saltLen));
+                            mgfDigestAlgo, saltLen));
             this.sigParams = params;
         } catch (IllegalArgumentException iae) {
             throw new InvalidAlgorithmParameterException(iae);
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/CK_RSA_PKCS_PSS_PARAMS.java	Fri Jun 28 08:48:17 2019 -0700
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/CK_RSA_PKCS_PSS_PARAMS.java	Fri Jun 28 19:36:32 2019 +0000
@@ -57,7 +57,7 @@
             throw new ProviderException("Only MGF1 is supported");
         }
         // no dash in PKCS#11 mechanism names
-        this.mgf = Functions.getMGFId("CKG_MGF1_" + hashAlg.replaceFirst("-", ""));
+        this.mgf = Functions.getMGFId("CKG_MGF1_" + mgfHash.replaceFirst("-", ""));
         this.sLen = sLen;
     }
 
--- a/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java	Fri Jun 28 08:48:17 2019 -0700
+++ b/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java	Fri Jun 28 19:36:32 2019 +0000
@@ -26,7 +26,7 @@
 
 /**
  * @test
- * @bug 8080462
+ * @bug 8080462 8226651
  * @summary Ensure that PSS key and params check are implemented properly
  *         regardless of call sequence
  * @library /test/lib ..
@@ -57,12 +57,19 @@
         }
         // NOTE: key length >= (digest length + 2) in bytes
         // otherwise, even salt length = 0 would not work
-        runTest(p, 1024, "SHA-384");
-        runTest(p, 1040, "SHA-512");
+        runTest(p, 1024, "SHA-256", "SHA-256");
+        runTest(p, 1024, "SHA-256", "SHA-384");
+        runTest(p, 1024, "SHA-256", "SHA-512");
+        runTest(p, 1024, "SHA-384", "SHA-256");
+        runTest(p, 1024, "SHA-384", "SHA-384");
+        runTest(p, 1024, "SHA-384", "SHA-512");
+        runTest(p, 1040, "SHA-512", "SHA-256");
+        runTest(p, 1040, "SHA-512", "SHA-384");
+        runTest(p, 1040, "SHA-512", "SHA-512");
     }
 
-    private void runTest(Provider p, int keySize, String hashAlg)
-            throws Exception {
+    private void runTest(Provider p, int keySize, String hashAlg,
+            String mgfHashAlg) throws Exception {
         System.out.println("Testing [" + keySize + " " + hashAlg + "]");
 
         // create a key pair with the supplied size
@@ -72,9 +79,9 @@
 
         int bigSaltLen = keySize/8 - 14;
         AlgorithmParameterSpec paramsBad = new PSSParameterSpec(hashAlg,
-            "MGF1", new MGF1ParameterSpec(hashAlg), bigSaltLen, 1);
+            "MGF1", new MGF1ParameterSpec(mgfHashAlg), bigSaltLen, 1);
         AlgorithmParameterSpec paramsGood = new PSSParameterSpec(hashAlg,
-            "MGF1", new MGF1ParameterSpec(hashAlg), 0, 1);
+            "MGF1", new MGF1ParameterSpec(mgfHashAlg), 0, 1);
 
         PrivateKey priv = kp.getPrivate();
         PublicKey pub = kp.getPublic();
--- a/test/jdk/sun/security/pkcs11/Signature/SigInteropPSS.java	Fri Jun 28 08:48:17 2019 -0700
+++ b/test/jdk/sun/security/pkcs11/Signature/SigInteropPSS.java	Fri Jun 28 19:36:32 2019 +0000
@@ -27,7 +27,7 @@
 
 /*
  * @test
- * @bug 8080462
+ * @bug 8080462 8226651
  * @summary testing interoperability of PSS signatures of PKCS11 provider
  *         against SunRsaSign provider
  * @library /test/lib ..
@@ -64,42 +64,31 @@
         KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
         kpg.initialize(3072);
         KeyPair kp = kpg.generateKeyPair();
-        boolean status;
-        try {
-            status = runTest(sigSunRsaSign, sigPkcs11, kp);
-            status &= runTest(sigPkcs11, sigSunRsaSign, kp);
-        } catch (Exception e) {
-            System.out.println("Unexpected exception: " + e);
-            e.printStackTrace(System.out);
-            status = false;
-        }
 
-        if (!status) {
-            throw new RuntimeException("One or more test failed");
-        }
+        runTest(sigSunRsaSign, sigPkcs11, kp);
+        runTest(sigPkcs11, sigSunRsaSign, kp);
+
         System.out.println("Test passed");
     }
 
-    static boolean runTest(Signature signer, Signature verifier, KeyPair kp) throws Exception {
+    static void runTest(Signature signer, Signature verifier, KeyPair kp)
+            throws Exception {
         System.out.println("\tSign using " + signer.getProvider().getName());
         System.out.println("\tVerify using " + verifier.getProvider().getName());
 
-        boolean status;
-        for (String digestAlg : DIGESTS) {
-            System.out.println("\tDigest = " + digestAlg);
-            PSSParameterSpec params = new PSSParameterSpec(digestAlg, "MGF1",
-                    new MGF1ParameterSpec(digestAlg), 0, 1);
-            try {
+        for (String hash : DIGESTS) {
+            for (String mgfHash : DIGESTS) {
+                System.out.println("\tDigest = " + hash);
+                System.out.println("\tMGF = MGF1_" + mgfHash);
+
+                PSSParameterSpec params = new PSSParameterSpec(hash, "MGF1",
+                    new MGF1ParameterSpec(mgfHash), 0, 1);
+
                 signer.setParameter(params);
                 signer.initSign(kp.getPrivate());
                 verifier.setParameter(params);
                 verifier.initVerify(kp.getPublic());
-            } catch (Exception e) {
-                System.out.println("\tERROR: unexpected ex during init" + e);
-                status = false;
-                continue;
-            }
-            try {
+
                 signer.update(MSG);
                 byte[] sigBytes = signer.sign();
                 verifier.update(MSG);
@@ -107,15 +96,9 @@
                 if (isValid) {
                     System.out.println("\tPSS Signature verified");
                 } else {
-                    System.out.println("\tERROR verifying PSS Signature");
-                    status = false;
+                    throw new RuntimeException("ERROR verifying PSS Signature");
                 }
-            } catch (Exception e) {
-                System.out.println("\tERROR: unexpected ex" + e);
-                e.printStackTrace();
-                status = false;
             }
         }
-        return true;
     }
 }
--- a/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java	Fri Jun 28 08:48:17 2019 -0700
+++ b/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java	Fri Jun 28 19:36:32 2019 +0000
@@ -27,7 +27,7 @@
 
 /**
  * @test
- * @bug 8080462
+ * @bug 8080462 8226651
  * @summary Generate a RSASSA-PSS signature and verify it using PKCS11 provider
  * @library /test/lib ..
  * @modules jdk.crypto.cryptoki
@@ -86,17 +86,19 @@
         test(DIGESTS, kpair.getPrivate(), kpair.getPublic(), data);
     }
 
-    private void test(String[] testAlgs, PrivateKey privKey,
+    private void test(String[] digestAlgs, PrivateKey privKey,
             PublicKey pubKey, byte[] data) throws RuntimeException {
         // For signature algorithm, create and verify a signature
-        for (String testAlg : testAlgs) {
-            try {
-                checkSignature(data, pubKey, privKey, testAlg);
-            } catch (NoSuchAlgorithmException | InvalidKeyException |
-                     SignatureException | NoSuchProviderException ex) {
-                throw new RuntimeException(ex);
-            } catch (InvalidAlgorithmParameterException ex2) {
-                System.out.println("Skip test due to " + ex2);
+        for (String hash : digestAlgs) {
+            for (String mgfHash : digestAlgs) {
+                try {
+                    checkSignature(data, pubKey, privKey, hash, mgfHash);
+                } catch (NoSuchAlgorithmException | InvalidKeyException |
+                         SignatureException | NoSuchProviderException ex) {
+                    throw new RuntimeException(ex);
+                } catch (InvalidAlgorithmParameterException ex2) {
+                    System.out.println("Skip test due to " + ex2);
+                }
             }
         };
     }
@@ -109,13 +111,14 @@
     }
 
     private void checkSignature(byte[] data, PublicKey pub,
-            PrivateKey priv, String mdAlg) throws NoSuchAlgorithmException,
-            InvalidKeyException, SignatureException, NoSuchProviderException,
+            PrivateKey priv, String hash, String mgfHash)
+            throws NoSuchAlgorithmException, InvalidKeyException,
+            SignatureException, NoSuchProviderException,
             InvalidAlgorithmParameterException {
-        System.out.println("Testing against " + mdAlg);
+        System.out.println("Testing against " + hash + " and MGF1_" + mgfHash);
         Signature sig = Signature.getInstance(SIGALG, prov);
         AlgorithmParameterSpec params = new PSSParameterSpec(
-            mdAlg, "MGF1", new MGF1ParameterSpec(mdAlg), 0, 1);
+            hash, "MGF1", new MGF1ParameterSpec(mgfHash), 0, 1);
         sig.setParameter(params);
         sig.initSign(priv);
         for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {