RFR: 8348732: SunJCE and SunPKCS11 have different PBE key encodings

Valerie Peng valeriep at openjdk.org
Tue Mar 25 00:14:08 UTC 2025 

On Wed, 19 Mar 2025 17:39:39 GMT, Francisco Ferrari Bihurriet <fferrari at openjdk.org> wrote:

>> test/jdk/sun/security/pkcs11/Mac/PBAMac.java line 1:
>> 
>>> 1: /*
>> 
>> I suggest changing this test's password to contain non-ASCII characters, so we have a better coverage in both _SunJCE_ (when checking the assertion data) and _SunPKCS11_ (when doing the actual test):
>> 
>> diff --git a/test/jdk/sun/security/pkcs11/Mac/PBAMac.java b/test/jdk/sun/security/pkcs11/Mac/PBAMac.java
>> index b70a0a6d618..0baf85bb5de 100644
>> --- a/test/jdk/sun/security/pkcs11/Mac/PBAMac.java
>> +++ b/test/jdk/sun/security/pkcs11/Mac/PBAMac.java
>> @@ -1,5 +1,5 @@
>>  /*
>> - * Copyright (c) 2023, Red Hat, Inc.
>> + * Copyright (c) 2023, 2025, Red Hat, Inc.
>>   *
>>   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>>   *
>> @@ -44,7 +44,7 @@
>>   */
>>  
>>  public final class PBAMac extends PKCS11Test {
>> -    private static final char[] password = "123456".toCharArray();
>> +    private static final char[] password = "123456\uA4F7".toCharArray();
>>      private static final byte[] salt = "abcdefgh".getBytes(
>>              StandardCharsets.UTF_8);
>>      private static final int iterations = 1000;
>> @@ -102,19 +102,19 @@ private static void checkAssertionValues(BigInteger expectedValue,
>>      // Generated with SunJCE.
>>      private static final AssertionData[] assertionData = new AssertionData[]{
>>              macAssertionData("HmacPBESHA1", "HmacSHA1",
>> -                    "707606929395e4297adc63d520ac7d22f3f5fa66"),
>> +                    "8611414ddb1875d9f576282199ab492a802b7d49"),
>>              macAssertionData("HmacPBESHA224", "HmacSHA224",
>> -                    "4ffb5ad4974a7a9fca5a36ebe3e34dd443c07fb68c392f8b611657e6"),
>> +                    "cebb12b48eb90c07336c695f771d1d0ef4ccf5b9524fc0ab6fb9813a"),
>>              macAssertionData("HmacPBESHA256", "HmacSHA256",
>> -                    "9e8c102c212d2fd1334dc497acb4e002b04e84713b7eda5a63807af2" +
>> -                    "989d3e50"),
>> +                    "d83a6a4e8b0e1ec939d05790f385dd774bd2b7c17cfa2dd004efc894" +
>> +                    "e5d53f51"),
>>              macAssertionData("HmacPBESHA384", "HmacSHA384",
>> -                    "77f31a785d4f2220251143a4ba80f5610d9d0aeaebb4a278b8a7535c" +
>> -                    "8cea8e8211809ba450458e351c5b66d691839c23"),
>> +                    "ae6b69cf9edfd9cd8c3b51cdf2b0243502f35a3e6007f33b1ab73568" +
>> +                    "2ea81ea562f4383bb9512ff70752367b7259b16f"),
>>              macAssertionData("HmacPBESHA512", "HmacSHA512",
>> -                    "a53f942a844b2...
>
> Even when the suggested `PBECipher` and `PBAMac` test changes would improve the confidence, validating _SunJCE_ against _SunPKCS11_ and viceversa is not a completely independent test, specially given both providers share some common code in `PBEUtil`. For this reason, I've just also did the following cross-check with OpenSSL:
> 
> 
> # Non-ASCII password
> password='Th1s is a Bullet: •'
> 
> # Create a PKCS #12 keystore with a certificate and a key pair
> openssl req -x509 -nodes -newkey rsa:4096 -subj /C=TT/ST=TT/L=TT/O=Test/CN=test.com/ -keyout key.pem -out cert.pem
> openssl pkcs12 -export -inkey key.pem -in cert.pem -passout "pass:$password" -out ks.p12
> 
> # Read the keystore with keytool
> build/*/images/jdk/bin/keytool -v -list -storetype pkcs12 -keystore ks.p12 -storepass "$password"
> 
> # Cleanup
> unset password && rm -f key.pem cert.pem ks.p12
> 
> 
> <details>
> <summary><code>keytool</code> output from JDK 23:</summary>
> 
> 
> keytool error: java.io.IOException: keystore password was incorrect
> java.io.IOException: keystore password was incorrect
> 	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2112)
> 	at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:228)
> 	at java.base/java.security.KeyStore.load(KeyStore.java:1499)
> 	at java.base/sun.security.tools.keytool.Main.doCommands(Main.java:961)
> 	at java.base/sun.security.tools.keytool.Main.run(Main.java:429)
> 	at java.base/sun.security.tools.keytool.Main.main(Main.java:410)
> Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: java.io.IOException: getSecretKey failed: Password is not ASCII
> 	... 6 more
> 
> </details>
> 
> <details>
> <summary><code>keytool</code> output from a build of this PR's branch:</summary>
> 
> 
> keytool error: java.io.IOException: keystore password was incorrect
> java.io.IOException: keystore password was incorrect
> 	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2109)
> 	at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:226)
> 	at java.base/java.security.KeyStore.load(KeyStore.java:1502)
> 	at java.base/sun.security.tools.keytool.Main.doCommands(Main.java:951)
> 	at java.base/sun.security.tools.keytool.Main.run(Main.java:419)
> 	at java.base/sun.security.tools.keytool.Main.main(Main.java:400)
> Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a...

Sure, thanks for crosschecking.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24068#discussion_r2011087253

More information about the security-dev mailing list