Stricter Public Key checking corrupts JKS
Bernd Eckenfels
ecki at zusammenkunft.net
Tue Jun 13 13:25:23 UTC 2017
The keystore I have here (which has a leading 0 in the modulus in one cert and a 0 in the serial number in another) does not open in the test program or keytool.exe with 8u131 (sorry, 7u131 in my last mail was a typo).
This happens before the password query:
C:\Users> "c:\Program Files\Java\jdk1.8.0_131\bin\keytool.exe" -list -keystore c:\temp\ks\broken.jks
Keytool-Fehler: java.security.cert.CertificateParsingException: java.io.IOException: subject key, java.security.InvalidKeyException: Invalid RSA public key
I think it is OK to barf on the signature if the data is not normalized, but not loading the whole keystore is a bit painful.
NB: the extent of this problem seems not big; so far we had one customer with two partners, but not all of them might use the latest Java yet.
The stacktrace I posted (repeated here) is JDK 8u131 (Win64):
> "c:\Program Files\Java\jdk1.8.0_131\bin\java" -cp \ws\github\javacryptotest\target\classes net.eckenfels.test.certpath.KeystoreExploder c:\temp\ks\broken.jks
Writing c:\temp\ks\broken.jks to C:\Users directory ...
Exception in thread "main" java.security.cert.CertificateParsingException: java.io.IOException: subject key, java.security.InvalidKeyException: Invalid RSA public key
at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1804)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:195)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:102)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:755)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at net.eckenfels.test.certpath.KeystoreExploder.main(KeystoreExploder.java:66)
...
Caused by: java.io.IOException: Invalid encoding: redundant leading 0s
at sun.security.util.DerInputBuffer.getBigInteger(DerInputBuffer.java:152)
at sun.security.util.DerInputStream.getBigInteger(DerInputStream.java:207)
at sun.security.rsa.RSAPrivateCrtKeyImpl.getBigInteger(RSAPrivateCrtKeyImpl.java:214)
at sun.security.rsa.RSAPublicKeyImpl.parseKeyBits(RSAPublicKeyImpl.java:115)
... 21 more
I can provide you with the keystore off-list (it contains a few company names which should not be public).
BTW: it reads "RSAPrivateCrtKeyImpl", but the cert is a TrustedCertEntry.
Gruss
Bernd
2017-06-12 13:29 GMT+02:00 Sean Mullan <sean.mullan at oracle.com>:
Hi Bernd,
This issue should be fixed in 8u131. Can you try that and let us know?
--Sean
On 6/9/17 10:18 PM, Bernd wrote:
I noticed there is a bug (8177657, etc.) about stricter DER checking in the JDK certificate code. I have a JKS keystore which can no longer be opened because of that.
I understand that the strict parsing has to stay for public keys, however I wonder if anything can be done about loading the other keys from the keystore or at least reporting the alias of the unparseable entry.
The problem was introduced with 8u121; 8u112 can open the file, and it exists in 7u131 as well.
Exception in thread "main" java.security.cert.CertificateParsingException: java.io.IOException: subject key, java.security.InvalidKeyException: Invalid RSA public key
at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:169)
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1804)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:195)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:102)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:755)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at net.eckenfels.test.certpath.KeystoreImport.main(KeystoreImport.java:29)
Caused by: java.io.IOException: subject key, java.security.InvalidKeyException: Invalid RSA public key
at sun.security.x509.X509Key.parse(X509Key.java:174)
at sun.security.x509.CertificateX509Key.<init>(CertificateX509Key.java:75)
at sun.security.x509.X509CertInfo.parse(X509CertInfo.java:667)
at sun.security.x509.X509CertInfo.<init>(X509CertInfo.java:167)
... 10 more
Caused by: java.security.InvalidKeyException: java.security.InvalidKeyException: Invalid RSA public key
at sun.security.x509.X509Key.buildX509Key(X509Key.java:227)
at sun.security.x509.X509Key.parse(X509Key.java:170)
... 13 more
Caused by: java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: Invalid RSA public key
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:205)
at java.security.KeyFactory.generatePublic(KeyFactory.java:334)
at sun.security.x509.X509Key.buildX509Key(X509Key.java:223)
... 14 more
Caused by: java.security.InvalidKeyException: Invalid RSA public key
at sun.security.rsa.RSAPublicKeyImpl.parseKeyBits(RSAPublicKeyImpl.java:120)
at sun.security.x509.X509Key.decode(X509Key.java:391)
at sun.security.x509.X509Key.decode(X509Key.java:403)
at sun.security.rsa.RSAPublicKeyImpl.<init>(RSAPublicKeyImpl.java:84)
at sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:298)
at sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:201)
... 16 more
Caused by: java.io.IOException: Invalid encoding: redundant leading 0s
at sun.security.util.DerInputBuffer.getBigInteger(DerInputBuffer.java:152)
at sun.security.util.DerInputStream.getBigInteger(DerInputStream.java:207)
at sun.security.rsa.RSAPrivateCrtKeyImpl.getBigInteger(RSAPrivateCrtKeyImpl.java:214)
at sun.security.rsa.RSAPublicKeyImpl.parseKeyBits(RSAPublicKeyImpl.java:115)
... 21 more
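A reader-side check for the situation described in both messages above, added here as an example; it is not part of the original thread and not Bernd's KeystoreExploder or KeystoreImport program. It parses the JKS container directly (magic 0xFEEDFEED, format version 2, trusted-certificate entries only, SHA-1 integrity trailer), so every alias stays visible even when one certificate would make KeyStore.load fail, and then walks each certificate's DER and flags INTEGERs whose first nine bits are all 0 or all 1, the X.690 rule behind the JDK's "Invalid encoding: redundant leading 0s". The keystore and the two "certificates" are constructed stand-ins (small SEQUENCE/BIT STRING/INTEGER blobs, not real X.509 certificates); the password "changeit" and the alias names are assumptions. Standard library only.

```python
"""Locate the JKS alias whose certificate carries a non-minimal DER INTEGER.
Added example, not code from the mailing-list post. JKS layout used: magic
0xFEEDFEED, version 2, per entry tag/alias/timestamp, UTF strings as 2-byte
length + bytes, 20-byte SHA-1 trailer over UTF-16BE password + "Mighty Aphrodite"
+ data. All sample data below is constructed."""
import hashlib
import struct

JKS_MAGIC = 0xFEEDFEED
TRUSTED_CERT = 2


def der_tlv(buf, pos):
    """Decode one DER tag/length at buf[pos]; return (tag, content_start, content_end)."""
    tag = buf[pos]
    if tag & 0x1F == 0x1F:
        raise ValueError("multi-byte tags not handled")
    first = buf[pos + 1]
    if first < 0x80:
        length, start = first, pos + 2
    else:
        n = first & 0x7F
        if n == 0 or n > 4:
            raise ValueError("bad length")
        length = int.from_bytes(buf[pos + 2:pos + 2 + n], "big")
        start = pos + 2 + n
    end = start + length
    if end > len(buf):
        raise ValueError("truncated")
    return tag, start, end


def find_bad_integers(buf, base=0):
    """Return offsets (into the original blob) of INTEGERs that violate X.690 8.3.2:
    a leading 0x00 before a byte < 0x80, or a leading 0xFF before a byte >= 0x80."""
    bad, pos = [], 0
    while pos < len(buf):
        tag, start, end = der_tlv(buf, pos)
        body = buf[start:end]
        if tag == 0x02 and len(body) > 1:
            if (body[0] == 0x00 and body[1] & 0x80 == 0) or (body[0] == 0xFF and body[1] & 0x80):
                bad.append(base + pos)
        elif tag & 0x20:  # constructed: SEQUENCE, SET, context-specific wrappers
            bad += find_bad_integers(body, base + start)
        elif tag == 0x03 and body and body[0] == 0:  # BIT STRING wrapping DER (subjectPublicKey)
            try:
                bad += find_bad_integers(body[1:], base + start + 1)
            except ValueError:
                pass  # not DER inside; a real signature bit string lands here
        pos = end
    return bad


def _utf(s):
    b = s.encode("utf-8")
    return struct.pack(">H", len(b)) + b


def _trailer(password, body):
    return hashlib.sha1(password.encode("utf-16-be") + b"Mighty Aphrodite" + body).digest()


def build_jks(entries, password="changeit"):
    """Serialize (alias, cert_der) pairs as version-2 JKS trusted-cert entries."""
    body = struct.pack(">III", JKS_MAGIC, 2, len(entries))
    for alias, cert in entries:
        body += struct.pack(">I", TRUSTED_CERT) + _utf(alias) + struct.pack(">Q", 0)
        body += _utf("X.509") + struct.pack(">I", len(cert)) + cert
    return body + _trailer(password, body)


def read_jks(data, password="changeit"):
    """Parse a JKS file into [(alias, cert_der)] without decoding any certificate."""
    body, trailer = data[:-20], data[-20:]
    if _trailer(password, body) != trailer:
        raise ValueError("JKS integrity check failed (wrong password or corrupt file)")
    magic, version, count = struct.unpack_from(">III", body, 0)
    if magic != JKS_MAGIC or version != 2:
        raise ValueError("not a version-2 JKS file")
    pos, entries = 12, []
    for _ in range(count):
        tag, alen = struct.unpack_from(">IH", body, pos); pos += 6
        alias = body[pos:pos + alen].decode("utf-8"); pos += alen + 8  # skip timestamp
        if tag != TRUSTED_CERT:
            raise ValueError("private-key entries not handled in this example")
        tlen, = struct.unpack_from(">H", body, pos); pos += 2 + tlen  # cert type string
        clen, = struct.unpack_from(">I", body, pos); pos += 4
        entries.append((alias, body[pos:pos + clen])); pos += clen
    return entries


def report(data, password="changeit"):
    """{alias: [offending INTEGER offsets]} for every entry the JDK would refuse."""
    result = {}
    for alias, cert in read_jks(data, password):
        offsets = find_bad_integers(cert)
        if offsets:
            result[alias] = offsets
    return result


def der(tag, body):
    assert len(body) < 0x80, "short-form length is enough for these samples"
    return bytes([tag, len(body)]) + body


# Constructed stand-ins: SEQUENCE { serial INTEGER, BIT STRING { SEQUENCE { modulus, exponent } } }
GOOD_CERT = der(0x30, der(0x02, b"\x01")
              + der(0x03, b"\x00" + der(0x30, der(0x02, b"\x00\xC3\x5A") + der(0x02, b"\x01\x00\x01"))))
BAD_CERT = der(0x30, der(0x02, b"\x00\x01")  # serial 1 with a redundant leading 0x00
             + der(0x03, b"\x00" + der(0x30, der(0x02, b"\x00\x5A\x13") + der(0x02, b"\x01\x00\x01"))))
SAMPLE_JKS = build_jks([("partner-good", GOOD_CERT), ("partner-bad", BAD_CERT)])

if __name__ == "__main__":
    for alias, offsets in report(SAMPLE_JKS).items():
        print(f"{alias}: non-minimal INTEGER encoding at cert offsets {offsets}")
```

Run against a real file with `report(open("broken.jks", "rb").read(), password)`; the offsets point into the DER of the named entry, so `openssl asn1parse -inform DER -offset N` on the exported certificate shows which field (serial, modulus) needs re-encoding before the keystore is rebuilt.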