SunPKCS11 connection lost after Decrypt doFinal (noPadding) openjdk 8_232

DEBORDEAUX Hubert hubert.debordeaux at thalesgroup.com
Wed Dec 4 14:15:51 UTC 2019


I reproduced the issue using AdoptOpenJDK 8_232 on Windows 10.
One of our customers faced the same problem on CentOS 7.6. I guess it is the regular CentOS distribution.

Our first analysis of pkcs11 changes has been done on the following file : 
http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/file/5456f24496f4/src/share/classes/sun/security/pkcs11/P11Cipher.java

We did not look at the other fixes as the update on P11Cipher seems to be the root cause.
But you are right, we are going to have a look at them also.


Thanks
Hubert



-----Original Message-----
From: Seán Coffey [mailto:sean.coffey at oracle.com] 
Sent: Wednesday, December 4, 2019 14:35
To: Valerie Peng <valerie.peng at oracle.com>; DEBORDEAUX Hubert <hubert.debordeaux at thalesgroup.com>; security-dev at openjdk.java.net
Subject: Re: SunPKCS11 connection lost after Decrypt doFinal (noPadding) openjdk 8_232

Also,

which JDK distro version of 8 are you using ? Note that the OpenJDK version has an extra few pkcs11 fixes in OpenJDK in this area (compared to the Oracle JDK 8 Updates) - Below being some of those :

https://bugs.openjdk.java.net/browse/JDK-8216597
https://bugs.openjdk.java.net/browse/JDK-6913047
https://bugs.openjdk.java.net/browse/JDK-6946830

Regards,
Sean.

On 03/12/19 00:56, Valerie Peng wrote:
> Hi Hubert,
>
> I've filed https://bugs.openjdk.java.net/browse/JDK-8235215 to keep 
> track of this issue.
>
> I have not yet tried if this can be reproduced in house with NSS yet.
>
> Just curious, which HSM vendor did you use? It'd be helpful to include 
> in the bug report.
>
> Thanks,
> Valerie
> On 12/2/2019 8:50 AM, DEBORDEAUX Hubert wrote:
>> Hello,
>> Following the update to OpenJDK 8_232, we did face a problem after a 
>> DECRYPT with no padding.
>> We use a SunPKCS11 provider linked to a Network HSM.
>> After a DECRYPT command (DES or AES) NOPADDING, we noticed the log : 
>> "Killing session
>> (sun.security.pkcs11.P11Cipher.cancelOperation(P11Cipher.java:428))
>> active: 1"
>> All following commands failed with error : CKR_USER_NOT_LOGGED_IN
>>
>> After a quick investigation, it looks like the fix JDK-8228565 done 
>> in P11Cipher.java is the root cause of this new behavior.
>>     ....
>>     // Special handling to match SunJCE provider behavior
>>                  if (bytesBuffered == 0 && padBufferLen == 0) {
>>                      return 0;
>>                  }
>>     ....
>>     } finally {
>>                      reset(doCancel);   // doCancel is true, so 
>> killSession is called.
>>              }
>>
>> This is a source code to reproduce the problem:
>>     SunPKCS11 p = new SunPKCS11(configName);           // config to 
>> Network HSM
>>     p.setCallbackHandler(handler);    // Handler for password
>>              Security.addProvider(p);
>>                       KeyStore.CallbackHandlerProtection chp =
>>                      new KeyStore.CallbackHandlerProtection(handler);
>>                  KeyStore.Builder builder = 
>> KeyStore.Builder.newInstance("PKCS11", p, chp);
>>              KeyStore keystore = builder.getKeyStore();
>>             SecretKeyEntry entry = (SecretKeyEntry) 
>> keystore.getEntry("MyKeyAlias", null);
>>                       Cipher cipher = 
>> Cipher.getInstance("DESede/CBC/NOPADDING", p.getName());
>>              IvParameterSpec ivParameterSpec = new 
>> IvParameterSpec(new byte[8]);
>>              // cipher a text
>>              cipher.init(Cipher.ENCRYPT_MODE, entry.getSecretKey(), 
>> ivParameterSpec);
>>              byte[] clearData = "clear text111111".getBytes();
>>              byte[] cipheredData = cipher.doFinal(clearData);
>>                 // Decipher the result
>>              cipher.init(Cipher.DECRYPT_MODE, entry.getSecretKey(), 
>> ivParameterSpec);
>>              byte[] clearTextResult = cipher.doFinal(cipheredData);
>>     // display the result
>>     System.out.println(new String(clearTextResult));  // So far, no 
>> problem
>>                         // Try another cipher
>>              cipher.init(Cipher.ENCRYPT_MODE, entry.getSecretKey(), 
>> ivParameterSpec);
>>     byte[] clearData2 = "clear text222222".getBytes();
>>             byte[] cipheredData2 = cipher.doFinal(clearData);
>>     // --> Failed with sun.security.pkcs11.wrapper.PKCS11Exception: 
>> CKR_USER_NOT_LOGGED_IN
>>
>> Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: 
>> CKR_USER_NOT_LOGGED_IN
>>     at sun.security.pkcs11.wrapper.PKCS11.C_EncryptUpdate(Native Method)
>>     at sun.security.pkcs11.P11Cipher.implUpdate(P11Cipher.java:581)
>>
>>          Workarounds:
>>     . use the SunPkcs11 jar file from openJDK 8_222
>>     . add a login after every decrypt commands
>>     . use PKCS5Padding when possible
>>
>> Could you tell me if you can reproduce this problem and what is the 
>> best way for me to report it ?
>>
>> Thanks you
>> Best Regards,
>> Hubert



More information about the security-dev mailing list