JDK-8213493: X25519 private key PKCS#8 encoding/decoding is incorrect

    • Type: CSR
    • Resolution: Approved
    • Priority: P4
    • Fix Version: 12
    • Component: security-libs
    • Compatibility Kind: behavioral
    • Compatibility Risk: minimal
    • Compatibility Risk Description:
      This change will cause a problem when a private key is written by an older version and read by a newer version (or vice-versa). These private keys aren't usually transmitted in a secure protocol, but they may be written to storage (encrypted) and then read later. But this scenario is unlikely for these keys because:
      1) The X25519/X448 implementation is relatively new, so it is probably not widely used yet.
      2) Storing key agreement keys and reusing them is much less common than generating new ephemeral keys when needed.
      3) There is no way to use keytool to produce a keystore containing one of these keys. Storing an X25519/X448 private key requires custom code that extracts the encoded key and then stores it.
    • Interface Kind: File or wire format
    • Scope: JDK

      Summary

      Correct the PKCS#8-encoded format for XDH private keys.

      Problem

      In JDK 11, XDH (X25519/X448) private keys are encoded incorrectly. The incorrect encoding is produced both by PrivateKey.getEncoded() and when the XDH KeyFactory converts an XDH private key to a PKCS8EncodedKeySpec. The JDK 11 implementation also fails to decode correctly formatted keys.

      Solution

      Modify the encoding/decoding routine so that it is correct. The incorrect encoding format from JDK 11 will no longer be supported.

      Specification

      No new specification. The encoding format is governed by RFC 8410.
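      As an added illustration, not code from the CSR or the JDK: the RFC 8410 PrivateKeyInfo layout for a version-1 X25519 private key, with a decoder that rejects an encoding whose privateKey field does not contain the nested CurvePrivateKey OCTET STRING. The 32-byte key used in the check is a constructed value, not a real key.

```python
# Added example, not JDK code: minimal DER for an RFC 8410 PKCS#8 (OneAsymmetricKey v1) X25519 key.
# privateKey is an OCTET STRING whose content is the DER of CurvePrivateKey, itself an OCTET STRING
# holding the 32 raw key bytes, so a correct encoding has two nested 0x04 tags.

X25519_ALG_ID = bytes.fromhex("06032b656e")  # DER OID 1.3.101.110 (id-X25519), no parameters

def _tlv(tag: int, body: bytes) -> bytes:
    """DER tag-length-value; short-form length is enough for these fixed-size fields."""
    if len(body) >= 0x80:
        raise ValueError("short-form length only")
    return bytes([tag, len(body)]) + body

def _read_tlv(buf: bytes, pos: int, tag: int) -> tuple:
    """Return (body, next_pos) for the short-form TLV at buf[pos], checking its tag."""
    if pos + 2 > len(buf) or buf[pos] != tag:
        raise ValueError("expected tag 0x%02x at offset %d" % (tag, pos))
    length = buf[pos + 1]
    if length >= 0x80 or pos + 2 + length > len(buf):
        raise ValueError("bad length at offset %d" % pos)
    return buf[pos + 2:pos + 2 + length], pos + 2 + length

def encode_x25519_pkcs8(raw_key: bytes) -> bytes:
    if len(raw_key) != 32:
        raise ValueError("X25519 private key must be 32 bytes")
    curve_private_key = _tlv(0x04, raw_key)        # CurvePrivateKey ::= OCTET STRING
    return _tlv(0x30,                               # OneAsymmetricKey SEQUENCE
                _tlv(0x02, b"\x00")                 # version v1(0)
                + _tlv(0x30, X25519_ALG_ID)         # AlgorithmIdentifier { id-X25519 }
                + _tlv(0x04, curve_private_key))    # privateKey wrapping CurvePrivateKey

def decode_x25519_pkcs8(der: bytes) -> bytes:
    seq, end = _read_tlv(der, 0, 0x30)
    if end != len(der):
        raise ValueError("trailing bytes after OneAsymmetricKey")
    version, pos = _read_tlv(seq, 0, 0x02)
    if version != b"\x00":
        raise ValueError("only version v1 handled here")
    alg, pos = _read_tlv(seq, pos, 0x30)
    if alg != X25519_ALG_ID:
        raise ValueError("not id-X25519, or unexpected parameters")
    outer, _ = _read_tlv(seq, pos, 0x04)            # optional attributes/publicKey after it are ignored
    inner, inner_end = _read_tlv(outer, 0, 0x04)    # the inner OCTET STRING is the RFC 8410 requirement
    if inner_end != len(outer) or len(inner) != 32:
        raise ValueError("privateKey does not hold a 32-byte CurvePrivateKey")
    return inner                                    # the 32 raw key bytes

def is_rfc8410_x25519_pkcs8(der: bytes) -> bool:
    try:
        decode_x25519_pkcs8(der)
        return True
    except ValueError:
        return False
```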

            Assignee: Adam Petcher (apetcher, Inactive)
            Reporter: Webbug Group (webbuggrp)
            Reviewed By: Sean Mullan