Mercurial > hg > openjdk > jdk6 > jdk

changeset 1755:da873bd245cf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8185292: Stricter key generation Reviewed-by: mullan
author igerasim
date Sat, 04 Nov 2017 17:23:38 -0700
parents e9f395bb65a6
children fa95260136c1
files src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java src/share/classes/sun/security/pkcs11/P11KeyAgreement.java test/com/sun/crypto/provider/KeyAgreement/DHGenSecretKey.java test/com/sun/crypto/provider/KeyAgreement/DHKeyAgreement2.java test/com/sun/crypto/provider/KeyAgreement/SameDHKeyStressTest.java test/sun/security/pkcs11/KeyAgreement/TestDH.java
diffstat 6 files changed, 58 insertions(+), 11 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java	Fri Dec 12 00:19:17 2014 +0000
+++ b/src/share/classes/com/sun/crypto/provider/DHKeyAgreement.java	Sat Nov 04 17:23:38 2017 -0700
@@ -25,14 +25,10 @@
 
 package com.sun.crypto.provider;
 
+import java.security.*;
 import java.util.*;
 import java.lang.*;
 import java.math.BigInteger;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
 import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.InvalidKeySpecException;
 import javax.crypto.KeyAgreementSpi;
@@ -58,6 +54,21 @@
     private BigInteger x = BigInteger.ZERO; // the private value
     private BigInteger y = BigInteger.ZERO;
 
+    private static class AllowKDF {
+
+        private static final boolean VALUE = getValue();
+
+        private static boolean getValue() {
+            return AccessController.doPrivileged(
+                    new PrivilegedAction<Boolean>() {
+                        @Override
+                        public Boolean run() {
+                            return Boolean.getBoolean("jdk.crypto.KeyAgreement.legacyKDF");
+                        }
+                    });
+        }
+    }
+
     /**
      * Empty constructor
      */
@@ -370,6 +381,14 @@
         if (algorithm == null) {
             throw new NoSuchAlgorithmException("null algorithm");
         }
+
+        if (!algorithm.equalsIgnoreCase("TlsPremasterSecret") &&
+            !AllowKDF.VALUE) {
+
+            throw new NoSuchAlgorithmException("Unsupported secret key "
+                                               + "algorithm: " + algorithm);
+        }
+
         byte[] secret = engineGenerateSecret();
         if (algorithm.equalsIgnoreCase("DES")) {
             // DES
--- a/src/share/classes/sun/security/pkcs11/P11KeyAgreement.java	Fri Dec 12 00:19:17 2014 +0000
+++ b/src/share/classes/sun/security/pkcs11/P11KeyAgreement.java	Sat Nov 04 17:23:38 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -69,6 +69,21 @@
     // KeyAgreement from SunJCE as fallback for > 2 party agreement
     private KeyAgreement multiPartyAgreement;
 
+    private static class AllowKDF {
+
+        private static final boolean VALUE = getValue();
+
+        private static boolean getValue() {
+            return AccessController.doPrivileged(
+                    new PrivilegedAction<Boolean>() {
+                        @Override
+                        public Boolean run() {
+                            return Boolean.getBoolean("jdk.crypto.KeyAgreement.legacyKDF");
+                        }
+                    });
+        }
+    }
+
     P11KeyAgreement(Token token, String algorithm, long mechanism) {
         super();
         this.token = token;
@@ -242,6 +257,7 @@
         if (algorithm == null) {
             throw new NoSuchAlgorithmException("Algorithm must not be null");
         }
+
         if (algorithm.equals("TlsPremasterSecret")) {
             // For now, only perform native derivation for TlsPremasterSecret
             // as that is required for FIPS compliance.
@@ -250,6 +266,14 @@
             // (bug not yet filed).
             return nativeGenerateSecret(algorithm);
         }
+
+        if (!algorithm.equalsIgnoreCase("TlsPremasterSecret") &&
+            !AllowKDF.VALUE) {
+
+            throw new NoSuchAlgorithmException("Unsupported secret key "
+                                               + "algorithm: " + algorithm);
+        }
+
         byte[] secret = engineGenerateSecret();
         // Maintain compatibility for SunJCE:
         // verify secret length is sensible for algorithm / truncate
--- a/test/com/sun/crypto/provider/KeyAgreement/DHGenSecretKey.java	Fri Dec 12 00:19:17 2014 +0000
+++ b/test/com/sun/crypto/provider/KeyAgreement/DHGenSecretKey.java	Sat Nov 04 17:23:38 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,7 @@
  * @summary Verify that DHKeyAgreement can generate secret key
  * objects for AES algorithm
  * @author Valerie Peng
+ * @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true DHGenSecretKey
  */
 import java.security.*;
 import java.security.interfaces.*;
--- a/test/com/sun/crypto/provider/KeyAgreement/DHKeyAgreement2.java	Fri Dec 12 00:19:17 2014 +0000
+++ b/test/com/sun/crypto/provider/KeyAgreement/DHKeyAgreement2.java	Sat Nov 04 17:23:38 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,6 +26,7 @@
  * @bug 0000000
  * @summary DHKeyAgreement2
  * @author Jan Luehe
+ * @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true DHKeyAgreement2
  */
 
 import java.io.*;
--- a/test/com/sun/crypto/provider/KeyAgreement/SameDHKeyStressTest.java	Fri Dec 12 00:19:17 2014 +0000
+++ b/test/com/sun/crypto/provider/KeyAgreement/SameDHKeyStressTest.java	Sat Nov 04 17:23:38 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,7 +26,7 @@
  * @bug 8048819
  * @summary This test stressful verifies the assertion of "The secret keys generated
  * by all involved parties should be the same." for javax.crypto.KeyAgreement
- * @run main SameDHKeyStressTest
+ * @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true SameDHKeyStressTest
  */
 import java.security.AlgorithmParameterGenerator;
 import java.security.InvalidAlgorithmParameterException;
--- a/test/sun/security/pkcs11/KeyAgreement/TestDH.java	Fri Dec 12 00:19:17 2014 +0000
+++ b/test/sun/security/pkcs11/KeyAgreement/TestDH.java	Sat Nov 04 17:23:38 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,6 +27,8 @@
  * @summary Verify that DH works properly
  * @author Andreas Sterbenz
  * @library ..
+ * @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true TestDH
+ * @run main/othervm -Djdk.crypto.KeyAgreement.legacyKDF=true TestDH sm
  */
 
 import java.io.*;