RFR: 8350661: PKCS11 HKDF throws ProviderException when requesting a 31-byte AES key
Valerie Peng
valeriep at openjdk.org
Thu Apr 10 03:30:25 UTC 2025
On Tue, 8 Apr 2025 20:02:56 GMT, Martin Balao <mbalao at openjdk.org> wrote:
> Hi,
>
> I would like to request a review for the fix of JDK-8350661. In this fix, we translate the native PKCS 11 error code into an `InvalidAlgorithmParameterException`, as documented in the `KDF::deriveKey` API. With that said, different PKCS 11 libraries may throw different errors and may even (in theory) delay the error until the key is used, as _SunJCE_ does. I believe that this is an improvement but further adjustments may be needed in the future.
>
> No regressions observed in `test/jdk/sun/security/pkcs11/KDF/TestHKDF.java`.
>
> Thanks,
> Martin.-
On a related note, I am working on https://github.com/openjdk/jdk/pull/24393 and noticed that JSSE calls HKDF.deriveKey(...) with various names such as "TlsFinishedSecret", "TlsResumptionMasterSecret" as the key algorithm. This causes errors when using PKCS11 HKDF since the `P11SecretKeyFactory.getKeyInfo()` look up returns `null` and leads to `InvalidAlgorithmParameterException`. I am debating whether to do the special handling as below:
P11SecretKeyFactory.KeyInfo ki = P11SecretKeyFactory.getKeyInfo(alg);
if (ki == null) {
- throw new InvalidAlgorithmParameterException("A PKCS #11 key " +
- "type (CKK_*) was not found for a key of the algorithm '" +
- alg + "'.");
+ // special handling for TLS
+ if (alg.startsWith("Tls")) {
+ ki = P11SecretKeyFactory.getKeyInfo("Generic");
+ } else {
+ throw new InvalidAlgorithmParameterException("A PKCS #11 key " +
+ "type (CKK_*) was not found for a key of the algorithm '" +
+ alg + "'.");
+ }
Comments or suggestions? @martinuy
-------------
PR Comment: https://git.openjdk.org/jdk/pull/24526#issuecomment-2791454433
More information about the security-dev
mailing list