Request for backport of 8213363 to JDK 11. The XDH (X22519, X448) keys are not decoded correctly

Jože Rihtaršič jrihtarsic1 at gmail.com
Thu Feb 1 06:43:55 UTC 2024 

Dear OpenJDK team.


I would like to kindly request that Issue ID JDK-8213363 [1] be backported
to OpenJDK 11. Please find below additional details regarding this request.

(This issue has already been submitted to Oracle JDK and has been marked as
a backport candidate to JDK 11 by “Oracle’s release, development” team )

Thank you for your time and assistance.


Best regards,
Joze Rihtarsic

[1] https://bugs.openjdk.org/browse/JDK-8213363

Issue description:

Component: Security Libraries
Subcomponent:  java.crypto
Operation system: Generic
Release JDK 11.0.22

Subject:
X25519, X448 private key PKCS#8 decoding is incorrect for JDK11

-------------------------------------------------------------------
Description:

X509Certificates containing XDH private keys generated with the Key Tool
(JDK17) or other tools cannot be used with JDK 11. The issue was fixed in
https://bugs.java.com/bugdatabase/view_bug.do?bug_id=8213363
<https://urldefense.com/v3/__https://bugs.java.com/bugdatabase/view_bug.do?bug_id=8213363__;!!ACWV5N9M2RV99hQ!KZ8LCdYBd6pH9F61Gq-o7MRYNrM2zVqf776u9bc4anGx56rq-lrZZrgUvEHgbckehW6SFigMSPBtG0jy5AxV$>
but it was not back-ported to JDK 11.
Can be also the JDK 11 updated with mentioned fix, so that it can READ the
correctly PKCS#8 encoded  XDH keys

-------------------------------------------------------------------
Environment:
- the OpenJDK 11 (https://wiki.openjdk.org/display/JDKUpdates/JDK11u):
openjdk version "11.0.22" 2024-01-16
OpenJDK Runtime Environment Temurin-11.0.22+7 (build 11.0.22+7)
OpenJDK 64-Bit Server VM Temurin-11.0.22+7 (build 11.0.22+7, mixed mode)

and the Oracle JDK 11 (
https://www.oracle.com/java/technologies/downloads/#java11)
java version "11.0.22" 2024-01-16 LTS
Java(TM) SE Runtime Environment 18.9 (build 11.0.22+9-LTS-219)
Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.22+9-LTS-219, mixed mode)

-------------------------------------------------------------------

Steps to reproduce:
1. Generate keystore with JDK 17  containing X25519 and X448
certificates/keys

${JDK17_HOME}/bin/keytool -genkeypair -keystore wss-ecdh.p12 -alias
issuer-ca -keyalg ED25519 -sigalg ED25519 \
        -storepass security -keypass security \
        -ext bc:c,ca:true,pathlen:2 \
        -dname "CN=issuer-ca,OU=eDeliveryAS4-2.0,OU=wss4j,O=apache,C=EU"  \
        -validity 3651

${JDK17_HOME}/bin/keytool -genkeypair -keystore wss-ecdh.p12 -alias x25519
-keyalg X25519 \
        -sigalg ED25519 -signer issuer-ca  -signerkeypass security \
        -storepass security -keypass security \
        -dname "CN=x25519, OU=eDeliveryAS4-2.0,OU=wss4j,O=apache,C=EU" \
        -validity 3650

${JDK17_HOME}/bin/keytool -genkeypair -keystore wss-ecdh.p12 -alias x448
-keyalg X448 \
        -sigalg ED25519 -signer issuer-ca  -signerkeypass security \
        -storepass security -keypass security \
        -dname "CN=x448, OU=eDeliveryAS4-2.0,OU=wss4j,O=apache,C=EU" \
        -validity 3650


2.  Use generated keystore with Java 11

String password = "security";
String alias = "x25519";
// String alias = "x448";
KeyStore keystore = KeyStore.getInstance("PKCS12");
keystore.load(
        Files.newInputStream(Path.of("wss-ecdh.p12")),
    "security".toCharArray()
);
Key key = keystore.getKey(alias, password.toCharArray());


------------------------------------------------------------------

Expected results :


The key is successfully retrieved from the truststore
------------------------------------------------------------------

Actual Result

The exception is thrown:

java.security.UnrecoverableKeyException: Get Key failed:
java.security.InvalidKeyException: key length must be 32

at
java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:421)
at
java.base/sun.security.util.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:90)
at java.base/java.security.KeyStore.getKey(KeyStore.java:1057)
at
org.apache.wss4j.dom.message.EncryptionTest.testCerts(EncryptionTest.java:340)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
at java.base/java.util.ArrayList.forEach(ArrayList.java:1541)
Caused by: java.security.spec.InvalidKeySpecException:
java.security.InvalidKeyException: key length must be 32
at
jdk.crypto.ec/sun.security.ec.XDHKeyFactory.engineGeneratePrivate(XDHKeyFactory.java:136)
<https://urldefense.com/v3/__http://jdk.crypto.ec/sun.security.ec.XDHKeyFactory.engineGeneratePrivate(XDHKeyFactory.java:136)__;!!ACWV5N9M2RV99hQ!KZ8LCdYBd6pH9F61Gq-o7MRYNrM2zVqf776u9bc4anGx56rq-lrZZrgUvEHgbckehW6SFigMSPBtG2FLxlPu$>
at java.base/java.security.KeyFactory.generatePrivate(KeyFactory.java:390)
at
java.base/sun.security.pkcs12.PKCS12KeyStore.lambda$engineGetKey$0(PKCS12KeyStore.java:381)
at
java.base/sun.security.pkcs12.PKCS12KeyStore$RetryWithZero.run(PKCS12KeyStore.java:251)
at
java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:356)
... 6 more
Caused by: java.security.InvalidKeyException: key length must be 32
at
jdk.crypto.ec/sun.security.ec.XDHPrivateKeyImpl.checkLength(XDHPrivateKeyImpl.java:71)
<https://urldefense.com/v3/__http://jdk.crypto.ec/sun.security.ec.XDHPrivateKeyImpl.checkLength(XDHPrivateKeyImpl.java:71)__;!!ACWV5N9M2RV99hQ!KZ8LCdYBd6pH9F61Gq-o7MRYNrM2zVqf776u9bc4anGx56rq-lrZZrgUvEHgbckehW6SFigMSPBtG25NPm7j$>
at jdk.crypto.ec/sun.security.ec.XDHPrivateKeyImpl
<https://urldefense.com/v3/__http://jdk.crypto.ec/sun.security.ec.XDHPrivateKeyImpl__;!!ACWV5N9M2RV99hQ!KZ8LCdYBd6pH9F61Gq-o7MRYNrM2zVqf776u9bc4anGx56rq-lrZZrgUvEHgbckehW6SFigMSPBtGyHiSHAE$>
.<init>(XDHPrivateKeyImpl.java:64)
at
jdk.crypto.ec/sun.security.ec.XDHKeyFactory.generatePrivateImpl(XDHKeyFactory.java:169)
<https://urldefense.com/v3/__http://jdk.crypto.ec/sun.security.ec.XDHKeyFactory.generatePrivateImpl(XDHKeyFactory.java:169)__;!!ACWV5N9M2RV99hQ!KZ8LCdYBd6pH9F61Gq-o7MRYNrM2zVqf776u9bc4anGx56rq-lrZZrgUvEHgbckehW6SFigMSPBtG53FgoUx$>
at
jdk.crypto.ec/sun.security.ec.XDHKeyFactory.engineGeneratePrivate(XDHKeyFactory.java:134)
<https://urldefense.com/v3/__http://jdk.crypto.ec/sun.security.ec.XDHKeyFactory.engineGeneratePrivate(XDHKeyFactory.java:134)__;!!ACWV5N9M2RV99hQ!KZ8LCdYBd6pH9F61Gq-o7MRYNrM2zVqf776u9bc4anGx56rq-lrZZrgUvEHgbckehW6SFigMSPBtG_3MKiEv$>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/jdk-updates-dev/attachments/20240201/473682af/attachment-0001.htm>

More information about the jdk-updates-dev mailing list