RFR: 8301553: Support Password-Based Cryptography in SunPKCS11 [v5]

Martin Balao mbalao at openjdk.org
Thu May 25 23:29:09 UTC 2023

On Thu, 25 May 2023 00:11:54 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> Martin Balao has updated the pull request incrementally with one additional commit since the last revision:
>>   8301553: Support Password-Based Cryptography in SunPKCS11 (iteration #3)
>>   Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>>   Co-authored-by: Martin Balao <mbalao at redhat.com>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PBECipher.java line 112:
>> 110:         return pbes2Params.getAlgorithmParameters(
>> 111:                 blkSize, pbeAlg, P11Util.getSunJceProvider(),
>> 112:                 JCAUtil.getSecureRandom());
> The random source should be the one supplied through CipherSpi.engineInit(...) call if there is one available (see line 118). There is Cipher javadoc specifying this.

Good point. As I see it, the problem is not in the random source itself but in the values. There are a couple of P11PBECipher::engineInit paths in which P11PBECipher initialization succeeds but the pbes2Params does not have the salt, iCount and ivSpec in use. These paths are those in which the P11 key was already derived (it's a P11PBEKey): we check consistency but record nothing for future P11PBECipher::engineGetParameters calls. I think that we can get the right values from the P11PBEKey and PBEParameterSpec. Notice that if the ivSpec is not passed, its value could be randomly generated in the underlying Cipher. @franferrax what do you think?


PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1206085880
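The contract discussed in this message, as an added example that is not part of the original thread or of the JDK patch: after `Cipher.init`, `getParameters()` has to report the salt, iteration count and IV actually in use, whether the caller supplied them or the cipher generated them from the supplied `SecureRandom`. It assumes the SunJCE provider rather than a configured SunPKCS11 token; the class name, password and plaintext are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

public class PbeParamsRoundTrip {
    static final String ALG = "PBEWithHmacSHA256AndAES_128";
    static final String PROV = "SunJCE"; // assumption: software provider, no PKCS#11 token needed

    // Encrypt, then decrypt using only what getParameters() reported after init.
    static boolean roundTrip(PBEParameterSpec supplied) throws Exception {
        SecretKey key = SecretKeyFactory.getInstance(ALG, PROV).generateSecret(
                new PBEKeySpec("constructed-password".toCharArray()));
        byte[] msg = "constructed plaintext".getBytes(StandardCharsets.UTF_8);
        SecureRandom rnd = new SecureRandom(); // caller-supplied random source
        Cipher enc = Cipher.getInstance(ALG, PROV);
        if (supplied == null) {
            enc.init(Cipher.ENCRYPT_MODE, key, rnd); // cipher generates salt and IV itself
        } else {
            enc.init(Cipher.ENCRYPT_MODE, key, supplied, rnd);
        }
        byte[] ct = enc.doFinal(msg);
        AlgorithmParameters reported = enc.getParameters();
        PBEParameterSpec used = reported.getParameterSpec(PBEParameterSpec.class);
        if (supplied != null) {
            // Caller-chosen salt, iteration count and IV must come back unchanged.
            byte[] ivIn = ((IvParameterSpec) supplied.getParameterSpec()).getIV();
            byte[] ivOut = ((IvParameterSpec) used.getParameterSpec()).getIV();
            if (!Arrays.equals(supplied.getSalt(), used.getSalt())
                    || supplied.getIterationCount() != used.getIterationCount()
                    || !Arrays.equals(ivIn, ivOut)) {
                return false;
            }
        }
        // If the reported values were not the ones in use, this decryption would fail.
        Cipher dec = Cipher.getInstance(ALG, PROV);
        dec.init(Cipher.DECRYPT_MODE, key, reported);
        return Arrays.equals(msg, dec.doFinal(ct));
    }

    public static void main(String[] args) throws Exception {
        byte[] salt = new byte[16], iv = new byte[16];
        SecureRandom r = new SecureRandom();
        r.nextBytes(salt);
        r.nextBytes(iv);
        PBEParameterSpec spec = new PBEParameterSpec(salt, 10000, new IvParameterSpec(iv));
        System.out.println("explicit params:  " + roundTrip(spec));
        System.out.println("generated params: " + roundTrip(null));
    }
}
```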
