8226651: Setting the mgfHash in CK_RSA_PKCS_PSS_PARAMS has no effect
Summary: Fixed to get the MGF digest algorithm from MGF1ParameterSpec
Reviewed-by: xuelei
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java Fri Jun 28 08:48:17 2019 -0700
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java Fri Jun 28 19:36:32 2019 +0000
@@ -395,33 +395,49 @@
("Unsupported digest algorithm in Signature parameters: " +
digestAlgorithm);
}
+
if (!(params.getMGFAlgorithm().equalsIgnoreCase("MGF1"))) {
throw new InvalidAlgorithmParameterException("Only supports MGF1");
}
+
+ // defaults to the digest algorithm unless overridden
+ String mgfDigestAlgo = digestAlgorithm;
+ AlgorithmParameterSpec mgfParams = params.getMGFParameters();
+ if (mgfParams != null) {
+ if (!(mgfParams instanceof MGF1ParameterSpec)) {
+ throw new InvalidAlgorithmParameterException
+ ("Only MGF1ParameterSpec is supported");
+ }
+ mgfDigestAlgo = ((MGF1ParameterSpec)mgfParams).getDigestAlgorithm();
+ }
+
if (params.getTrailerField() != PSSParameterSpec.TRAILER_FIELD_BC) {
throw new InvalidAlgorithmParameterException
("Only supports TrailerFieldBC(1)");
}
+
int saltLen = params.getSaltLength();
if (this.p11Key != null) {
- int maxSaltLen = ((this.p11Key.length() + 7) >> 3) - digestLen.intValue() - 2;
+ int maxSaltLen = ((this.p11Key.length() + 7) >> 3) -
+ digestLen.intValue() - 2;
if (DEBUG) {
System.out.println("Max saltLen = " + maxSaltLen);
System.out.println("Curr saltLen = " + saltLen);
}
if (maxSaltLen < 0 || saltLen > maxSaltLen) {
- throw new InvalidAlgorithmParameterException("Invalid with current key size");
+ throw new InvalidAlgorithmParameterException
+ ("Invalid with current key size");
}
- } else {
- if (DEBUG) System.out.println("No key available for validating saltLen");
+ } else if (DEBUG) {
+ System.out.println("No key available for validating saltLen");
}
// validated, now try to store the parameter internally
try {
this.mechanism.setParameter(
new CK_RSA_PKCS_PSS_PARAMS(digestAlgorithm, "MGF1",
- digestAlgorithm, saltLen));
+ mgfDigestAlgo, saltLen));
this.sigParams = params;
} catch (IllegalArgumentException iae) {
throw new InvalidAlgorithmParameterException(iae);
--- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/CK_RSA_PKCS_PSS_PARAMS.java Fri Jun 28 08:48:17 2019 -0700
+++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/CK_RSA_PKCS_PSS_PARAMS.java Fri Jun 28 19:36:32 2019 +0000
@@ -57,7 +57,7 @@
throw new ProviderException("Only MGF1 is supported");
}
// no dash in PKCS#11 mechanism names
- this.mgf = Functions.getMGFId("CKG_MGF1_" + hashAlg.replaceFirst("-", ""));
+ this.mgf = Functions.getMGFId("CKG_MGF1_" + mgfHash.replaceFirst("-", ""));
this.sLen = sLen;
}
--- a/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java Fri Jun 28 08:48:17 2019 -0700
+++ b/test/jdk/sun/security/pkcs11/Signature/KeyAndParamCheckForPSS.java Fri Jun 28 19:36:32 2019 +0000
@@ -26,7 +26,7 @@
/**
* @test
- * @bug 8080462
+ * @bug 8080462 8226651
* @summary Ensure that PSS key and params check are implemented properly
* regardless of call sequence
* @library /test/lib ..
@@ -57,12 +57,19 @@
}
// NOTE: key length >= (digest length + 2) in bytes
// otherwise, even salt length = 0 would not work
- runTest(p, 1024, "SHA-384");
- runTest(p, 1040, "SHA-512");
+ runTest(p, 1024, "SHA-256", "SHA-256");
+ runTest(p, 1024, "SHA-256", "SHA-384");
+ runTest(p, 1024, "SHA-256", "SHA-512");
+ runTest(p, 1024, "SHA-384", "SHA-256");
+ runTest(p, 1024, "SHA-384", "SHA-384");
+ runTest(p, 1024, "SHA-384", "SHA-512");
+ runTest(p, 1040, "SHA-512", "SHA-256");
+ runTest(p, 1040, "SHA-512", "SHA-384");
+ runTest(p, 1040, "SHA-512", "SHA-512");
}
- private void runTest(Provider p, int keySize, String hashAlg)
- throws Exception {
+ private void runTest(Provider p, int keySize, String hashAlg,
+ String mgfHashAlg) throws Exception {
System.out.println("Testing [" + keySize + " " + hashAlg + "]");
// create a key pair with the supplied size
@@ -72,9 +79,9 @@
int bigSaltLen = keySize/8 - 14;
AlgorithmParameterSpec paramsBad = new PSSParameterSpec(hashAlg,
- "MGF1", new MGF1ParameterSpec(hashAlg), bigSaltLen, 1);
+ "MGF1", new MGF1ParameterSpec(mgfHashAlg), bigSaltLen, 1);
AlgorithmParameterSpec paramsGood = new PSSParameterSpec(hashAlg,
- "MGF1", new MGF1ParameterSpec(hashAlg), 0, 1);
+ "MGF1", new MGF1ParameterSpec(mgfHashAlg), 0, 1);
PrivateKey priv = kp.getPrivate();
PublicKey pub = kp.getPublic();
--- a/test/jdk/sun/security/pkcs11/Signature/SigInteropPSS.java Fri Jun 28 08:48:17 2019 -0700
+++ b/test/jdk/sun/security/pkcs11/Signature/SigInteropPSS.java Fri Jun 28 19:36:32 2019 +0000
@@ -27,7 +27,7 @@
/*
* @test
- * @bug 8080462
+ * @bug 8080462 8226651
* @summary testing interoperability of PSS signatures of PKCS11 provider
* against SunRsaSign provider
* @library /test/lib ..
@@ -64,42 +64,31 @@
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
kpg.initialize(3072);
KeyPair kp = kpg.generateKeyPair();
- boolean status;
- try {
- status = runTest(sigSunRsaSign, sigPkcs11, kp);
- status &= runTest(sigPkcs11, sigSunRsaSign, kp);
- } catch (Exception e) {
- System.out.println("Unexpected exception: " + e);
- e.printStackTrace(System.out);
- status = false;
- }
- if (!status) {
- throw new RuntimeException("One or more test failed");
- }
+ runTest(sigSunRsaSign, sigPkcs11, kp);
+ runTest(sigPkcs11, sigSunRsaSign, kp);
+
System.out.println("Test passed");
}
- static boolean runTest(Signature signer, Signature verifier, KeyPair kp) throws Exception {
+ static void runTest(Signature signer, Signature verifier, KeyPair kp)
+ throws Exception {
System.out.println("\tSign using " + signer.getProvider().getName());
System.out.println("\tVerify using " + verifier.getProvider().getName());
- boolean status;
- for (String digestAlg : DIGESTS) {
- System.out.println("\tDigest = " + digestAlg);
- PSSParameterSpec params = new PSSParameterSpec(digestAlg, "MGF1",
- new MGF1ParameterSpec(digestAlg), 0, 1);
- try {
+ for (String hash : DIGESTS) {
+ for (String mgfHash : DIGESTS) {
+ System.out.println("\tDigest = " + hash);
+ System.out.println("\tMGF = MGF1_" + mgfHash);
+
+ PSSParameterSpec params = new PSSParameterSpec(hash, "MGF1",
+ new MGF1ParameterSpec(mgfHash), 0, 1);
+
signer.setParameter(params);
signer.initSign(kp.getPrivate());
verifier.setParameter(params);
verifier.initVerify(kp.getPublic());
- } catch (Exception e) {
- System.out.println("\tERROR: unexpected ex during init" + e);
- status = false;
- continue;
- }
- try {
+
signer.update(MSG);
byte[] sigBytes = signer.sign();
verifier.update(MSG);
@@ -107,15 +96,9 @@
if (isValid) {
System.out.println("\tPSS Signature verified");
} else {
- System.out.println("\tERROR verifying PSS Signature");
- status = false;
+ throw new RuntimeException("ERROR verifying PSS Signature");
}
- } catch (Exception e) {
- System.out.println("\tERROR: unexpected ex" + e);
- e.printStackTrace();
- status = false;
}
}
- return true;
}
}
--- a/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java Fri Jun 28 08:48:17 2019 -0700
+++ b/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java Fri Jun 28 19:36:32 2019 +0000
@@ -27,7 +27,7 @@
/**
* @test
- * @bug 8080462
+ * @bug 8080462 8226651
* @summary Generate a RSASSA-PSS signature and verify it using PKCS11 provider
* @library /test/lib ..
* @modules jdk.crypto.cryptoki
@@ -86,17 +86,19 @@
test(DIGESTS, kpair.getPrivate(), kpair.getPublic(), data);
}
- private void test(String[] testAlgs, PrivateKey privKey,
+ private void test(String[] digestAlgs, PrivateKey privKey,
PublicKey pubKey, byte[] data) throws RuntimeException {
// For signature algorithm, create and verify a signature
- for (String testAlg : testAlgs) {
- try {
- checkSignature(data, pubKey, privKey, testAlg);
- } catch (NoSuchAlgorithmException | InvalidKeyException |
- SignatureException | NoSuchProviderException ex) {
- throw new RuntimeException(ex);
- } catch (InvalidAlgorithmParameterException ex2) {
- System.out.println("Skip test due to " + ex2);
+ for (String hash : digestAlgs) {
+ for (String mgfHash : digestAlgs) {
+ try {
+ checkSignature(data, pubKey, privKey, hash, mgfHash);
+ } catch (NoSuchAlgorithmException | InvalidKeyException |
+ SignatureException | NoSuchProviderException ex) {
+ throw new RuntimeException(ex);
+ } catch (InvalidAlgorithmParameterException ex2) {
+ System.out.println("Skip test due to " + ex2);
+ }
}
};
}
@@ -109,13 +111,14 @@
}
private void checkSignature(byte[] data, PublicKey pub,
- PrivateKey priv, String mdAlg) throws NoSuchAlgorithmException,
- InvalidKeyException, SignatureException, NoSuchProviderException,
+ PrivateKey priv, String hash, String mgfHash)
+ throws NoSuchAlgorithmException, InvalidKeyException,
+ SignatureException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- System.out.println("Testing against " + mdAlg);
+ System.out.println("Testing against " + hash + " and MGF1_" + mgfHash);
Signature sig = Signature.getInstance(SIGALG, prov);
AlgorithmParameterSpec params = new PSSParameterSpec(
- mdAlg, "MGF1", new MGF1ParameterSpec(mdAlg), 0, 1);
+ hash, "MGF1", new MGF1ParameterSpec(mgfHash), 0, 1);
sig.setParameter(params);
sig.initSign(priv);
for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {