RFR: 8301553: Support Password-Based Cryptography in SunPKCS11

Martin Balao mbalao at openjdk.org
Sat Mar 18 06:57:24 UTC 2023

On Sat, 18 Mar 2023 06:49:20 GMT, Martin Balao <mbalao at openjdk.org> wrote:

>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java line 233:
>>> 231:                 CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN, 512));
>>> 232:         putKeyInfo(new P12MacPBEKeyInfo("HmacPBESHA512/256",
>>> 233:                 CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN, 512));
>> Are these key lengths really 512? Or should they match the output size as in other key infos?
> Good question. Looks like a bug. The values should probably be 224 and 256 respectively (output sizes). @franferrax what do you think? We can trace the CKA_VALUE_LEN for these mechanisms in the NSS Software Token to verify it. Also, we should explore if it's possible to add a test for HmacPBESHA512/224 and HmacPBESHA512/256 to TestPBKD. I'll make the change but leave this comment open until we further explore.

I just realized that the underlying native mechanism is the same so I'm not even sure that the NSS Software Token will truncate the output as we expect. This reinforces the need for further exploration and testing. We may need to remove support for these algorithms.


PR: https://git.openjdk.org/jdk/pull/12396
