JDK-8251134

Unwrapping a key with a Private Key generated by Microsoft CNG fails

    • b21
    • x86_64
    • windows_10
    • Verified

      ADDITIONAL SYSTEM INFORMATION :
      OS: Windows 10 Pro 1909 (x64)
      JDK: 14.0.2

      A DESCRIPTION OF THE PROBLEM :
      JDK 13 introduced support for using RSA Keys generated by the new Windows Cryptographic API called CNG, see https://bugs.openjdk.java.net/browse/JDK-8223063. Such keys can now be loaded and used for signing or encryption/decryption of data.

      If such a (private) CNG key, loaded from the Windows keystore, is used to unwrap another key, the method call fails by throwing a "java.security.KeyException" with the message "The parameter is incorrect".

      This does not happen if one uses a keypair generated by a KeyPairGenerator instantiated with the SunMSCAPI provider.

      Additional remark: Inspecting the private key with the debugger, one can see that the hCryptKey field (holding the actual HCRYPTKEY handle) of the CPrivateKey object is not set.

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      1. Create a certificate with Windows tools, e.g. by using PowerShell and the `New-SelfSignedCertificate` command: https://docs.microsoft.com/en-us/powershell/module/pkiclient/new-selfsignedcertificate?view=win10-ps
      2. Load the certificate and the private key via the SunMSCAPI provider
      3. Generate a secret key and wrap it with the certificate using RSA/ECB/PKCS1Padding and the SunMSCAPI provider
      4. Unwrap the key with the private key

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      The secret key is unwrapped and returned.
      ACTUAL -
      A "java.security.KeyException" with the message "The parameter is incorrect" is thrown.

      ---------- BEGIN SOURCE ----------
      /*
      A user certificate was created with powershell and the following command:

      New-SelfSignedCertificate -Type Custom -Subject "E=patti.fuller@contoso.com,CN=Patti Fuller" -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.4","2.5.29.17={text}email=patti.fuller@contoso.com&upn=pattifuller@contoso.com") -KeyAlgorithm RSA -KeyLength 2048 -SmimeCapabilities -CertStoreLocation "Cert:\CurrentUser\My"
      */
      import java.io.IOException;
      import java.security.*;
      import java.security.cert.CertificateException;
      import javax.crypto.*;
      import javax.crypto.spec.SecretKeySpec;

      public class WrapUnwrapRepro {

          private static final String ALIAS = "Patti Fuller";

          private static void testWrapAndUnwrapWithWindowsKeys()
                  throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IllegalBlockSizeException,
                  KeyStoreException, IOException, CertificateException, UnrecoverableKeyException {
              Provider p;
              KeyPair kp;

              // load the keystore and acquire the keys
              KeyStore wins = KeyStore.getInstance("Windows-MY");
              p = wins.getProvider();
              wins.load(null, null);
              PublicKey pub = wins.getCertificate(ALIAS).getPublicKey();
              PrivateKey priv = (PrivateKey) wins.getKey(ALIAS, null);
              kp = new KeyPair(pub, priv);

              System.out.println(kp.getPrivate().toString()); // to see if the private key has type CNG

              // create secret key
              SecureRandom r = new SecureRandom();
              byte[] b = new byte[32];
              r.nextBytes(b);
              String alg = "AES";
              SecretKey key = new SecretKeySpec(b, alg);

              // wrap the secret key with the public key
              Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding", p);
              c.init(Cipher.WRAP_MODE, kp.getPublic());
              byte[] wrapped = c.wrap(key);
              System.out.println("wrapped: " + wrapped.length);

              // unwrap the secret key with the private key (fails with a CNG key)
              c.init(Cipher.UNWRAP_MODE, kp.getPrivate());
              Key unwrapped = c.unwrap(wrapped, alg, Cipher.SECRET_KEY);
              System.out.println("unwrapped: " + unwrapped);
          }

          public static void main(String[] args) throws Exception {
              testWrapAndUnwrapWithWindowsKeys();
          }
      }

      ---------- END SOURCE ----------
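      The reproducer above prints the unwrapped key but never compares it with the original, so a passing run cannot be told apart from a silently corrupted one. The following is an added diagnostic, not code from the report or the JDK; it performs the same wrap/unwrap round trip, verifies the recovered key bytes, and, when UNWRAP_MODE throws the KeyException described, tries a plain DECRYPT_MODE of the wrapped bytes with the same private key. Whether that decrypt path succeeds for a CNG key is an assumption to be checked on the affected system, not something the report establishes; the alias "Patti Fuller" is the report's own value.

      ```java
      import java.security.*;
      import java.util.Arrays;
      import javax.crypto.Cipher;
      import javax.crypto.SecretKey;
      import javax.crypto.spec.SecretKeySpec;

      public class CngUnwrapCheck {
          private static final String ALIAS = "Patti Fuller"; // alias from the report

          enum Outcome { UNWRAP_OK, DECRYPT_FALLBACK_OK, FAILED }

          // Wrap a fresh AES key with pub, then try to recover it with priv.
          static Outcome roundTrip(PublicKey pub, PrivateKey priv, Provider p) throws Exception {
              byte[] raw = new byte[32];
              new SecureRandom().nextBytes(raw);
              SecretKey original = new SecretKeySpec(raw, "AES");

              Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding", p);
              c.init(Cipher.WRAP_MODE, pub);
              byte[] wrapped = c.wrap(original);

              // Path 1: the API the report exercises. KeyException covers the
              // InvalidKeyException that init/unwrap declare.
              try {
                  c.init(Cipher.UNWRAP_MODE, priv);
                  Key k = c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
                  return Arrays.equals(k.getEncoded(), raw) ? Outcome.UNWRAP_OK : Outcome.FAILED;
              } catch (KeyException e) {
                  System.err.println("unwrap failed: " + e.getMessage());
              }
              // Path 2 (assumption): decrypt the wrapped bytes directly and rebuild
              // the SecretKeySpec, which avoids the UNWRAP_MODE code path.
              try {
                  c.init(Cipher.DECRYPT_MODE, priv);
                  byte[] plain = c.doFinal(wrapped);
                  return Arrays.equals(plain, raw) ? Outcome.DECRYPT_FALLBACK_OK : Outcome.FAILED;
              } catch (GeneralSecurityException e) {
                  System.err.println("decrypt fallback failed: " + e.getMessage());
                  return Outcome.FAILED;
              }
          }

          public static void main(String[] args) throws Exception {
              KeyStore ks = KeyStore.getInstance("Windows-MY");
              ks.load(null, null);
              PublicKey pub = ks.getCertificate(ALIAS).getPublicKey();
              PrivateKey priv = (PrivateKey) ks.getKey(ALIAS, null);
              System.out.println("private key: " + priv); // toString shows CNG vs CAPI
              System.out.println("result: " + roundTrip(pub, priv, ks.getProvider()));
          }
      }
      ```

      On an affected JDK 14.0.2 with a CNG key the first path should print the "The parameter is incorrect" message; UNWRAP_OK for a SunMSCAPI-generated keypair confirms the test setup itself is sound.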

      CUSTOMER SUBMITTED WORKAROUND :
      None.

      FREQUENCY : always


            weijun Weijun Wang
            webbuggrp Webbug Group