SunPKCS11 connection lost after Decrypt doFinal (noPadding) openjdk 8_232

Seán Coffey sean.coffey at oracle.com
Wed Dec 4 13:34:33 UTC 2019


Also,

which JDK distro version of 8 are you using ? Note that the OpenJDK 
version has an extra few pkcs11 fixes in OpenJDK in this area (compared 
to the Oracle JDK 8 Updates) - Below being some of those :

https://bugs.openjdk.java.net/browse/JDK-8216597
https://bugs.openjdk.java.net/browse/JDK-6913047
https://bugs.openjdk.java.net/browse/JDK-6946830

Regards,
Sean.

On 03/12/19 00:56, Valerie Peng wrote:
> Hi Hubert,
>
> I've filed https://bugs.openjdk.java.net/browse/JDK-8235215 to keep 
> track of this issue.
>
> I have not yet tried if this can be reproduced in house with NSS yet.
>
> Just curious, which HSM vendor did you use? It'd be helpful to include 
> in the bug report.
>
> Thanks,
> Valerie
> On 12/2/2019 8:50 AM, DEBORDEAUX Hubert wrote:
>> Hello,
>> Following the update to OpenJDK 8_232, we did face a problem after a 
>> DECRYPT with no padding.
>> We use a SunPKCS11 provider linked to a Network HSM.
>> After a DECRYPT command (DES or AES) NOPADDING, we noticed the log : 
>> "Killing session 
>> (sun.security.pkcs11.P11Cipher.cancelOperation(P11Cipher.java:428)) 
>> active: 1"
>> All following commands failed with error : CKR_USER_NOT_LOGGED_IN
>>
>> After a quick investigation, it looks like the fix JDK-8228565 done 
>> in P11Cipher.java is the root cause of this new behavior.
>>     ....
>>     // Special handling to match SunJCE provider behavior
>>                  if (bytesBuffered == 0 && padBufferLen == 0) {
>>                      return 0;
>>                  }
>>     ....
>>     } finally {
>>                      reset(doCancel);   // doCancel is true, so 
>> killSession is called.
>>              }
>>
>> This is a source code to reproduce the problem:
>>     SunPKCS11 p = new SunPKCS11(configName);           // config to 
>> Network HSM
>>     p.setCallbackHandler(handler);    // Handler for password
>>              Security.addProvider(p);
>>                       KeyStore.CallbackHandlerProtection chp =
>>                      new KeyStore.CallbackHandlerProtection(handler);
>>                  KeyStore.Builder builder = 
>> KeyStore.Builder.newInstance("PKCS11", p, chp);
>>              KeyStore keystore = builder.getKeyStore();
>>             SecretKeyEntry entry = (SecretKeyEntry) 
>> keystore.getEntry("MyKeyAlias", null);
>>                       Cipher cipher = 
>> Cipher.getInstance("DESede/CBC/NOPADDING", p.getName());
>>              IvParameterSpec ivParameterSpec = new 
>> IvParameterSpec(new byte[8]);
>>              // cipher a text
>>              cipher.init(Cipher.ENCRYPT_MODE, entry.getSecretKey(), 
>> ivParameterSpec);
>>              byte[] clearData = "clear text111111".getBytes();
>>              byte[] cipheredData = cipher.doFinal(clearData);
>>                 // Decipher the result
>>              cipher.init(Cipher.DECRYPT_MODE, entry.getSecretKey(), 
>> ivParameterSpec);
>>              byte[] clearTextResult = cipher.doFinal(cipheredData);
>>     // display the result
>>     System.out.println(new String(clearTextResult));  // So far, no 
>> problem
>>                         // Try another cipher
>>              cipher.init(Cipher.ENCRYPT_MODE, entry.getSecretKey(), 
>> ivParameterSpec);
>>     byte[] clearData2 = "clear text222222".getBytes();
>>             byte[] cipheredData2 = cipher.doFinal(clearData);
>>     // --> Failed with sun.security.pkcs11.wrapper.PKCS11Exception: 
>> CKR_USER_NOT_LOGGED_IN
>>
>> Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: 
>> CKR_USER_NOT_LOGGED_IN
>>     at sun.security.pkcs11.wrapper.PKCS11.C_EncryptUpdate(Native Method)
>>     at sun.security.pkcs11.P11Cipher.implUpdate(P11Cipher.java:581)
>>
>>          Workarounds:
>>     . use the SunPkcs11 jar file from openJDK 8_222
>>     . add a login after every decrypt commands
>>     . use PKCS5Padding when possible
>>
>> Could you tell me if you can reproduce this problem and what is the 
>> best way for me to report it ?
>>
>> Thanks you
>> Best Regards,
>> Hubert




More information about the security-dev mailing list