Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8232950

SUNPKCS11 Provider incorrectly check key length for PSS Signatures.

XMLWordPrintable

    • b22
    • x86_64
    • linux
    • Not verified

        ADDITIONAL SYSTEM INFORMATION :
        CentOS 6
        OpenJDK 13.0.1
        PKCS11 driver is LunaHSM cryptoki2 64-bit version 6 (/usr/safenet/lunaclient/lib/libCryptoki2_64.so)

        A DESCRIPTION OF THE PROBLEM :
        When generating RSASSA-PSS signatures using SunPKCS11 it generates the error: "RSA key must be at least 1024 bytes" even though I have a 2048 bit RSA key.

        P11PSSSignature.java:352 check min and max key length fetched from Mechanism Info but check the key lengths in bytes instead of bits which is defined in PKCS11 v2.40 http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cs01/pkcs11-curr-v2.40-cs01.pdf section 2.1.10.

        To fix this should row 345 in P11PSSSignature be changed from
        keySize = (((P11Key) key).length() + 7) >> 3;
        to something like:
        keySize = ((P11Key) key).length();
        and row 347:
        keySize = ((RSAKey) key).getModulus().bitLength() >> 3;
        to something like:
        keySize = ((RSAKey) key).getModulus().bitLength();



        STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
        Create a SUNPKCS11 Provider with a PKCS11 library that returns Mechanism Info according to PKCS11 2.40 such as Safenet LUNA HSM Version 6.

        Create a signature with:
                    Signature signature = Signature.getInstance("RSASSA-PSS", sunPKCS11Provider)
                    signature.setParameter(new PSSParameterSpec("SHA-256", "MGF1",new MGF1ParameterSpec("SHA256"),222,1))
                    signature.initSign(privateKey)
                    signature.update(signData)
                    byte[] signatureData = signature.sign()


        EXPECTED VERSUS ACTUAL BEHAVIOR :
        EXPECTED -
        Signature should be generated.
        ACTUAL -
        The signature operation generates a java.security.InvalidKeyException: RSA key must be at least 1024 bytes

        FREQUENCY : always


              valeriep Valerie Peng
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

                Created:
                Updated:
                Resolved: