changeset 410:4743ffa102f9

6695485: SignedObject constructor throws ProviderException if it's called using provider "SunPKCS11-Solaris" Summary: Added checking for RSA key lengths in initSign and initVerify Reviewed-by: vinnie
author valeriep
date Fri, 06 Aug 2010 15:23:54 -0700
parents 85b819949825
children 9bc38055eb70
files src/share/classes/sun/security/pkcs11/P11Signature.java test/sun/security/pkcs11/Signature/TestRSAKeyLength.java
diffstat 2 files changed, 140 insertions(+), 15 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/pkcs11/P11Signature.java	Fri Aug 06 15:12:11 2010 -0700
+++ b/src/share/classes/sun/security/pkcs11/P11Signature.java	Fri Aug 06 15:23:54 2010 -0700
@@ -30,7 +30,7 @@
 import java.nio.ByteBuffer;
 
 import java.security.*;
-import java.security.interfaces.ECPublicKey;
+import java.security.interfaces.*;
 
 import sun.nio.ch.DirectBuffer;
 
@@ -88,7 +88,7 @@
     // mechanism id
     private final long mechanism;
 
-    // digest algorithm OID, if we do RSA padding ourselves
+    // digest algorithm OID, if we encode RSA signature ourselves
     private final ObjectIdentifier digestOID;
 
     // type, one of T_* below
@@ -103,7 +103,7 @@
     // associated session, if any
     private Session session;
 
-    // mode, on of M_* below
+    // mode, one of M_* below
     private int mode;
 
     // flag indicating whether an operation is initialized
@@ -137,6 +137,9 @@
         this.token = token;
         this.algorithm = algorithm;
         this.mechanism = mechanism;
+        byte[] buffer = null;
+        ObjectIdentifier digestOID = null;
+        MessageDigest md = null;
         switch ((int)mechanism) {
         case (int)CKM_MD2_RSA_PKCS:
         case (int)CKM_MD5_RSA_PKCS:
@@ -146,34 +149,25 @@
         case (int)CKM_SHA512_RSA_PKCS:
             keyAlgorithm = "RSA";
             type = T_UPDATE;
-            digestOID = null;
             buffer = new byte[1];
-            md = null;
             break;
         case (int)CKM_DSA_SHA1:
             keyAlgorithm = "DSA";
             type = T_UPDATE;
-            digestOID = null;
             buffer = new byte[1];
-            md = null;
             break;
         case (int)CKM_ECDSA_SHA1:
             keyAlgorithm = "EC";
             type = T_UPDATE;
-            digestOID = null;
             buffer = new byte[1];
-            md = null;
             break;
         case (int)CKM_DSA:
             keyAlgorithm = "DSA";
-            digestOID = null;
             if (algorithm.equals("DSA")) {
                 type = T_DIGEST;
                 md = MessageDigest.getInstance("SHA-1");
-                buffer = null;
             } else if (algorithm.equals("RawDSA")) {
                 type = T_RAW;
-                md = null;
                 buffer = new byte[20];
             } else {
                 throw new ProviderException(algorithm);
@@ -181,10 +175,8 @@
             break;
         case (int)CKM_ECDSA:
             keyAlgorithm = "EC";
-            digestOID = null;
             if (algorithm.equals("NONEwithECDSA")) {
                 type = T_RAW;
-                md = null;
                 buffer = new byte[RAW_ECDSA_MAX];
             } else {
                 String digestAlg;
@@ -201,7 +193,6 @@
                 }
                 type = T_DIGEST;
                 md = MessageDigest.getInstance(digestAlg);
-                buffer = null;
             }
             break;
         case (int)CKM_RSA_PKCS:
@@ -234,6 +225,9 @@
         default:
             throw new ProviderException("Unknown mechanism: " + mechanism);
         }
+        this.buffer = buffer;
+        this.digestOID = digestOID;
+        this.md = md;
     }
 
     private void ensureInitialized() {
@@ -325,9 +319,52 @@
         }
     }
 
+    private void checkRSAKeyLength(int len) throws InvalidKeyException {
+        RSAPadding padding;
+        try {
+            padding = RSAPadding.getInstance
+                (RSAPadding.PAD_BLOCKTYPE_1, (len + 7) >> 3);
+        } catch (InvalidAlgorithmParameterException iape) {
+            throw new InvalidKeyException(iape.getMessage());
+        }
+        int maxDataSize = padding.getMaxDataSize();
+        int encodedLength;
+        if (algorithm.equals("MD5withRSA") ||
+            algorithm.equals("MD2withRSA")) {
+            encodedLength = 34;
+        } else if (algorithm.equals("SHA1withRSA")) {
+            encodedLength = 35;
+        } else if (algorithm.equals("SHA256withRSA")) {
+            encodedLength = 51;
+        } else if (algorithm.equals("SHA384withRSA")) {
+            encodedLength = 67;
+        } else if (algorithm.equals("SHA512withRSA")) {
+            encodedLength = 83;
+        } else {
+            throw new ProviderException("Unknown signature algo: " + algorithm);
+        }
+        if (encodedLength > maxDataSize) {
+            throw new InvalidKeyException
+                ("Key is too short for this signature algorithm");
+        }
+    }
+
     // see JCA spec
     protected void engineInitVerify(PublicKey publicKey)
             throws InvalidKeyException {
+        if (publicKey == null) {
+            throw new InvalidKeyException("Key must not be null");
+        }
+        // Need to check RSA key length whenever a new key is set
+        if (keyAlgorithm.equals("RSA") && publicKey != p11Key) {
+            int keyLen;
+            if (publicKey instanceof P11Key) {
+                keyLen = ((P11Key) publicKey).keyLength();
+            } else {
+                keyLen = ((RSAKey) publicKey).getModulus().bitLength();
+            }
+            checkRSAKeyLength(keyLen);
+        }
         cancelOperation();
         mode = M_VERIFY;
         p11Key = P11KeyFactory.convertKey(token, publicKey, keyAlgorithm);
@@ -337,6 +374,19 @@
     // see JCA spec
     protected void engineInitSign(PrivateKey privateKey)
             throws InvalidKeyException {
+        if (privateKey == null) {
+            throw new InvalidKeyException("Key must not be null");
+        }
+        // Need to check RSA key length whenever a new key is set
+        if (keyAlgorithm.equals("RSA") && privateKey != p11Key) {
+            int keyLen;
+            if (privateKey instanceof P11Key) {
+                keyLen = ((P11Key) privateKey).keyLength;
+            } else {
+                keyLen = ((RSAKey) privateKey).getModulus().bitLength();
+            }
+            checkRSAKeyLength(keyLen);
+        }
         cancelOperation();
         mode = M_SIGN;
         p11Key = P11KeyFactory.convertKey(token, privateKey, keyAlgorithm);
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/pkcs11/Signature/TestRSAKeyLength.java	Fri Aug 06 15:23:54 2010 -0700
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/**
+ * @test
+ * @bug 6695485
+ * @summary Make sure initSign/initVerify() check RSA key lengths
+ * @author Yu-Ching Valerie Peng
+ * @library ..
+ */
+
+import java.security.*;
+
+public class TestRSAKeyLength extends PKCS11Test {
+    public static void main(String[] args) throws Exception {
+        main(new TestRSAKeyLength());
+    }
+    public void main(Provider p) throws Exception {
+        boolean isValidKeyLength[] = { true, true, false, false };  
+        String algos[] = { "SHA1withRSA", "SHA256withRSA", 
+                           "SHA384withRSA", "SHA512withRSA" };
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
+        kpg.initialize(512);
+        KeyPair kp = kpg.generateKeyPair();
+        PrivateKey privKey = kp.getPrivate();
+        PublicKey pubKey = kp.getPublic();
+
+        for (int i = 0; i < algos.length; i++) {
+            Signature sig = Signature.getInstance(algos[i], p);
+            System.out.println("Testing RSA signature " + algos[i]);
+            try {
+                sig.initSign(privKey);
+                if (!isValidKeyLength[i]) {
+                    throw new Exception("initSign: Expected IKE not thrown!");
+                }
+            } catch (InvalidKeyException ike) {
+                if (isValidKeyLength[i]) {
+                    throw new Exception("initSign: Unexpected " + ike);
+                }
+            }
+            try {
+                sig.initVerify(pubKey);
+                if (!isValidKeyLength[i]) {
+                    throw new RuntimeException("initVerify: Expected IKE not thrown!");
+                }
+		new SignedObject("Test string for getSignature test.", privKey, sig);
+            } catch (InvalidKeyException ike) {
+                if (isValidKeyLength[i]) {
+                    throw new Exception("initSign: Unexpected " + ike);
+                }
+            }
+        }
+    }
+}
+