Integrated: 8289301: P11Cipher should not throw out of bounds exception during padding

zzambers duke at openjdk.org
Thu Jul 7 18:21:01 UTC 2022 

On Tue, 28 Jun 2022 12:57:21 GMT, zzambers <duke at openjdk.org> wrote:

> SunPkcs11 provider throws out of bounds exception during encryption when specific conditions are met.
> 
> Exception:
> 
> Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: Array index out of range: 32
> 	at java.base/java.util.Arrays.rangeCheck(Arrays.java:725)
> 	at java.base/java.util.Arrays.fill(Arrays.java:3308)
> 	at jdk.crypto.cryptoki/sun.security.pkcs11.P11Cipher$PKCS5Padding.setPaddingBytes(P11Cipher.java:96)
> 	at jdk.crypto.cryptoki/sun.security.pkcs11.P11Cipher.implDoFinal(P11Cipher.java:813)
> 	at jdk.crypto.cryptoki/sun.security.pkcs11.P11Cipher.engineDoFinal(P11Cipher.java:585)
> 	at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2417)
> ...
> 
> 
> Details:
> This problems happens when reqBlockUpdates is true and implUpdate, which does not end on block boundary, is performed followed by final implUpdate, which ends exactly on block boundary. In that case final implUpdate fills padBuffer and then just returns. [1] Following implDoFinal then tries to add padding and throws OOB exception. Problem is, that in this case (input is multiple of block size) whole padding block should be added, but there is no space for it in padBuffer causing OOB exception.
> 
> Solution:
> Solution is to detect this case (implDoFinal is called with full padBuffer) and to perform additional C_EncryptUpdate to free up padBuffer so that padBuffer can than be used to add whole new padding block.
> 
> [1] https://github.com/openjdk/jdk/blob/d4eeeb82cb2288973a6a247c54513f7e1c6b58f0/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java#L622

This pull request has now been integrated.

Changeset: 3e60e828
Author:    Zdenek Zambersky <zzambers at redhat.com>
Committer: Valerie Peng <valeriep at openjdk.org>
URL:       https://git.openjdk.org/jdk/commit/3e60e828148a0490a4422d0724d15f3eccec17f0
Stats:     124 lines in 2 files changed: 117 ins; 0 del; 7 mod

8289301: P11Cipher should not throw out of bounds exception during padding

Reviewed-by: valeriep

-------------

PR: https://git.openjdk.org/jdk/pull/9310

More information about the security-dev mailing list