d8d41b5f8c
- Mozilla Bugzilla #1370778 - PBE and padded block cipher enhancements and fixes (ftweedal) - Mozilla Bugzilla #1371147 - PK11Store.getEncryptedPrivateKeyInfo() segfault if export fails (ftweedal) - Mozilla Bugzilla #1373824 - Mozilla Bug #1373824 - Bug 1308027 (change 2163) breaks HMAC-SHA1 key imports (jmagne)
197 lines
6.5 KiB
Diff
197 lines
6.5 KiB
Diff
# HG changeset patch
|
|
# User Jack Magne <jmagne@redhat.com>
|
|
# Date 1504307754 25200
|
|
# Fri Sep 01 16:15:54 2017 -0700
|
|
# Node ID eec15518fd61f1d988c25b4de589555796f9e65f
|
|
# Parent 17d1d7b740ca5777fbcf8ee817a2f26b9c93593a
|
|
unwrapping of HMAC-SHA1 secret keys using AES wrapping and unwrapping
|
|
cfu on behalf of jmagne
|
|
|
|
diff -r 17d1d7b740ca -r eec15518fd61 org/mozilla/jss/pkcs11/PK11KeyWrapper.java
|
|
--- a/org/mozilla/jss/pkcs11/PK11KeyWrapper.java Mon May 01 10:39:50 2017 -0700
|
|
+++ b/org/mozilla/jss/pkcs11/PK11KeyWrapper.java Fri Sep 01 16:15:54 2017 -0700
|
|
@@ -588,6 +588,8 @@
|
|
return EncryptionAlgorithm.RC4;
|
|
} else if( type == SymmetricKey.AES ) {
|
|
return EncryptionAlgorithm.AES_128_ECB;
|
|
+ } else if( type == SymmetricKey.SHA1_HMAC) {
|
|
+ return HMACAlgorithm.SHA1;
|
|
} else {
|
|
Assert._assert( type == SymmetricKey.RC2 );
|
|
return EncryptionAlgorithm.RC2_CBC;
|
|
diff -r 17d1d7b740ca -r eec15518fd61 org/mozilla/jss/pkcs11/PK11MessageDigest.c
|
|
--- a/org/mozilla/jss/pkcs11/PK11MessageDigest.c Mon May 01 10:39:50 2017 -0700
|
|
+++ b/org/mozilla/jss/pkcs11/PK11MessageDigest.c Fri Sep 01 16:15:54 2017 -0700
|
|
@@ -67,19 +67,19 @@
|
|
}
|
|
|
|
/* copy the key, setting the CKA_SIGN attribute */
|
|
- /*
|
|
+
|
|
newKey = PK11_CopySymKeyForSigning(origKey, mech);
|
|
+
|
|
+ /* For some key on the hsm, this call could fail, but the key may work anyway */
|
|
+
|
|
if( newKey == NULL ) {
|
|
- JSS_throwMsg(env, DIGEST_EXCEPTION,
|
|
- "Unable to set CKA_SIGN attribute on symmetric key");
|
|
- goto finish;
|
|
+ newKey = origKey;
|
|
}
|
|
- */
|
|
|
|
param.data = NULL;
|
|
param.len = 0;
|
|
|
|
- context = PK11_CreateContextBySymKey(mech, CKA_SIGN, origKey, ¶m);
|
|
+ context = PK11_CreateContextBySymKey(mech, CKA_SIGN, newKey, ¶m);
|
|
if( context == NULL ) {
|
|
JSS_throwMsg(env, DIGEST_EXCEPTION,
|
|
"Unable to initialize digest context");
|
|
@@ -88,7 +88,7 @@
|
|
|
|
contextObj = JSS_PK11_wrapCipherContextProxy(env, &context);
|
|
finish:
|
|
- if(newKey) {
|
|
+ if(newKey && (newKey != origKey)) {
|
|
/* SymKeys are ref counted, and the context will free it's ref
|
|
* when it is destroyed */
|
|
PK11_FreeSymKey(newKey);
|
|
diff -r 17d1d7b740ca -r eec15518fd61 org/mozilla/jss/tests/HmacTest.java
|
|
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
|
|
+++ b/org/mozilla/jss/tests/HmacTest.java Fri Sep 01 16:15:54 2017 -0700
|
|
@@ -0,0 +1,119 @@
|
|
+
|
|
+package org.mozilla.jss.tests;
|
|
+
|
|
+
|
|
+import java.security.Key;
|
|
+import javax.crypto.Cipher;
|
|
+import javax.crypto.KeyGenerator;
|
|
+import javax.crypto.Mac;
|
|
+import javax.crypto.SecretKey;
|
|
+import javax.crypto.spec.IvParameterSpec;
|
|
+
|
|
+import org.mozilla.jss.CryptoManager;
|
|
+import org.mozilla.jss.crypto.CryptoToken;
|
|
+import org.mozilla.jss.crypto.SymmetricKey;
|
|
+
|
|
+
|
|
+public class HmacTest {
|
|
+
|
|
+ private static final String INTERNAL_KEY_STORAGE_TOKEN =
|
|
+ new CryptoManager.InitializationValues("").getInternalKeyStorageTokenDescription().trim();
|
|
+
|
|
+ private static final String NSS_DATABASE_DIR = "sql:data";
|
|
+ private static final String PROVIDER = "Mozilla-JSS";
|
|
+
|
|
+
|
|
+ public static void main(String[] args)
|
|
+ {
|
|
+
|
|
+ String algorithm = "hmac-sha1";
|
|
+
|
|
+ try {
|
|
+ configureCrypto(args);
|
|
+
|
|
+ Mac mac = Mac.getInstance(algorithm, PROVIDER);
|
|
+
|
|
+ byte[] keyData = new byte[16];
|
|
+ Key key = importHmacSha1Key(keyData);
|
|
+
|
|
+ mac.init(key);
|
|
+
|
|
+ doHMAC(mac,"Dogtag rules!");
|
|
+
|
|
+ System.out.println("Done");
|
|
+
|
|
+ System.exit(0);
|
|
+ } catch (Exception e) {
|
|
+ System.exit(1);
|
|
+ }
|
|
+ }
|
|
+
|
|
+ private static void configureCrypto(String[] args)
|
|
+ throws Exception {
|
|
+
|
|
+ CryptoManager.InitializationValues initializationValues =
|
|
+ new CryptoManager.InitializationValues(args[0]);
|
|
+
|
|
+ CryptoManager.initialize(initializationValues);
|
|
+
|
|
+ CryptoManager cryptoManager = CryptoManager.getInstance();
|
|
+
|
|
+ CryptoToken cryptoToken =
|
|
+ cryptoManager.getTokenByName(INTERNAL_KEY_STORAGE_TOKEN);
|
|
+
|
|
+ cryptoManager.setThreadToken(cryptoToken);
|
|
+ }
|
|
+
|
|
+ private static Key importHmacSha1Key(byte[] key)
|
|
+ throws Exception {
|
|
+
|
|
+ final String WRAPPING_ALGORITHM = "AES/CBC/PKCS5Padding";
|
|
+
|
|
+ Key wrappingKey = getWrappingKey();
|
|
+
|
|
+ byte[] iv = new byte[16];
|
|
+ IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
|
|
+
|
|
+ Cipher wrappingCipher = Cipher.getInstance(WRAPPING_ALGORITHM, PROVIDER);
|
|
+ wrappingCipher.init(Cipher.ENCRYPT_MODE, wrappingKey, ivParameterSpec);
|
|
+
|
|
+ byte[] wrappedKeyData = wrappingCipher.doFinal(key);
|
|
+
|
|
+ Cipher unwrappingCipher = Cipher.getInstance(WRAPPING_ALGORITHM, PROVIDER);
|
|
+ unwrappingCipher.init(Cipher.UNWRAP_MODE, wrappingKey, ivParameterSpec);
|
|
+
|
|
+ return (SecretKey) unwrappingCipher.unwrap(wrappedKeyData,
|
|
+ SymmetricKey.SHA1_HMAC.toString(),
|
|
+ Cipher.SECRET_KEY);
|
|
+ }
|
|
+
|
|
+ private static synchronized Key getWrappingKey()
|
|
+ throws Exception {
|
|
+
|
|
+ final String keyGenAlgorithm = "AES";
|
|
+ final int wrappingKeyLength = 256;
|
|
+
|
|
+ KeyGenerator keyGen = KeyGenerator.getInstance(keyGenAlgorithm, PROVIDER);
|
|
+ keyGen.init(wrappingKeyLength);
|
|
+ return keyGen.generateKey();
|
|
+ }
|
|
+
|
|
+ public static void doHMAC(Mac mozillaHmac, String clearText)
|
|
+ throws Exception {
|
|
+ byte[] mozillaHmacOut;
|
|
+
|
|
+ //Get the Mozilla HMAC
|
|
+ mozillaHmacOut = mozillaHmac.doFinal(clearText.getBytes());
|
|
+
|
|
+ if (mozillaHmacOut.length == mozillaHmac.getMacLength()) {
|
|
+ System.out.println(PROVIDER + " supports " +
|
|
+ mozillaHmac.getAlgorithm() + " and the output size is " + mozillaHmac.getMacLength());
|
|
+ } else {
|
|
+ throw new Exception("ERROR: hmac output size is " +
|
|
+ mozillaHmacOut.length + ", should be " +
|
|
+ mozillaHmac.getMacLength());
|
|
+ }
|
|
+ }
|
|
+
|
|
+
|
|
+}
|
|
diff -r 17d1d7b740ca -r eec15518fd61 org/mozilla/jss/tests/all.pl
|
|
--- a/org/mozilla/jss/tests/all.pl Mon May 01 10:39:50 2017 -0700
|
|
+++ b/org/mozilla/jss/tests/all.pl Fri Sep 01 16:15:54 2017 -0700
|
|
@@ -492,6 +492,10 @@
|
|
$command = "$java -cp $jss_classpath org.mozilla.jss.tests.HMACTest $testdir $pwfile";
|
|
run_test($testname, $command);
|
|
|
|
+$testname = "HMAC Unwrap";
|
|
+$command = "$java -cp $jss_classpath org.mozilla.jss.tests.HmacTest $testdir $pwfile";
|
|
+run_test($testname, $command);
|
|
+
|
|
$testname = "KeyWrapping ";
|
|
$command = "$java -cp $jss_classpath org.mozilla.jss.tests.JCAKeyWrap $testdir $pwfile";
|
|
run_test($testname, $command);
|