PKCS #11 provider shutdown process, key zeroization

[Milton Smith]

Hi Matthew,

I reached out to you outside this list not long ago.  We have not forgot about you.  ;o)

Can you quickly enumerate your concerns (#1, #2, etc)?  They seem mostly related to zeroization.  I just want to be sure we capture all your concerns and don't miss any.

Regards,
Milton

On Mar 18, 2013, at 1:05 PM, Matthew Hall <mhall at mhcomputing.net> wrote:

> Hello,
> 
> Can anyone please respond to my feedback on the PKCS #11 provider? It's been 
> one month since I posted about several potential issues with the code. I would 
> like to hear from someone with the necessary expertise. The OpenJDK process 
> isn't very community-friendly if nobody will try to reply.
> 
> Thanks,
> Matthew Hall.
> 
> On Tue, Feb 19, 2013 at 04:59:29PM -0800, Matthew Hall wrote:
>> I found another issue related to this topic.
>> 
>> Quite a number of bits of code are printing out the content of the private 
>> exponent of the RSA Private Keys by default into the toString() output, which 
>> could lead to key compromise if they're printed into a log.
>> 
>> share/classes/sun/security/pkcs11/P11Key.java:552:            sb.append("\n  private exponent: ");
>> share/classes/sun/security/pkcs11/P11Key.java:624:            sb.append("\n  private exponent: ");
>> share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java:238:        sb.append("\n  private exponent: ");
>> share/classes/sun/security/rsa/RSAPrivateKeyImpl.java:105:                + n + "\n  private exponent: " + d;
>> 
>> Ordinarily I believe FIPS and PCI would require that there isn't any code 
>> sitting around that could accidentally or unexpectedly print out the private 
>> key data. Is this toString() behaving that way for a good reason?
>> 
>> Matthew.