Debuggability of failures in sun.security.rsa.RSASignature
Brad Wetmore
bradford.wetmore at oracle.com
Tue Apr 9 01:13:21 UTC 2013
Hi Matthew,
I've just taken a quick look, but yes, this seems to be a usability
issue that should somehow be addressed, either by adding some
logging/debugging or throwing a SignatureException. There's currently
no logging/debugging in this package.
We'd need to figure out why the original author made the original
decision to swallow the exception.
I've filed:
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8011740
to track this.
Brad
On 4/1/2013 6:49 PM, Matthew Hall wrote:
> Hi,
>
> This code in RSASignature catches javax.crypto.BadPaddingException without
> logging it, and some of the functions in try { ... } have detailed exceptions
> which get lost when this exception is not properly propagated to calling code.
>
> At minimum there should be a security logging debug flag which enables logging
> the exceptions instead of silently suppressing them, otherwise it's impossible
> to troubleshoot or even detect that issued were encountered here without using
> a debugger on it.
>
> Thoughts?
> Matthew.
>
> // verify the data and return the result. See JCA doc
> protected boolean engineVerify(byte[] sigBytes) throws SignatureException {
> byte[] digest = getDigestValue();
> try {
> byte[] decrypted = RSACore.rsa(sigBytes, publicKey);
> byte[] unpadded = padding.unpad(decrypted);
> byte[] decodedDigest = decodeSignature(digestOID, unpadded);
> return Arrays.equals(digest, decodedDigest);
> } catch (javax.crypto.BadPaddingException e) {
> // occurs if the app has used the wrong RSA public key
> // or if sigBytes is invalid
> // return false rather than propagating the exception for
> // compatibility/ease of use
> return false; *** PROBLEM LINE ***
>
More information about the security-dev
mailing list