Andrew John Hughes wrote:
> 2009/10/6 Tomas Gustavsson <to...@primekey.se>:
>> Hi Andrew,
>>
>> I guess no bug Id was created after all.
>> The issue is that the pkcs#11 library returns a tag-length-value
>> encoding for an EC public key, but the Sun provider expects something
>> else. So when trying to read the public key from pkcs#11 we get an
>> exception.
>>
>> The patch, which is very small and backwards compatible (if there are
>> pkcs#11's that do return the value originally expected), can be found
>> here:
>> http://bunny.primekey.se/~lars/sunP11Bug/patch.txt
>>
>> A simple test case:
>> http://bunny.primekey.se/~lars/sunP11Bug/src/test/Main.java
>>
>> We've been in contact with an HSM vendor (Utimaco) and they claim that
>> the tag-length-value is the right way. Since we tested this with several
>> different HSMs it seems they are in agreement as well :-)
>> (I can forward their explanation as well if needed).
>>
>> Kind regards,
>> Tomas
>>
>> PS: Lars (who is my colleague) has completed the "Sun Contribution
>> Agreement".
>>
>>
>> Andrew John Hughes wrote:
>>> 2009/10/5 Tomas Gustavsson <to...@primekey.se>:
>>>> Hi Vincent and Brad,
>>>>
>>>> I'm not sure how things are at Sun currently. We work with Sun here in
>>>> Sweden so we've heard a bit about wait with the Oracle story.
>>>>
>>>> Anyhow I just want to let you know that if anyone is still working on
>>>> crypto that this bug is very annoying, and affects all existing HSMs as
>>>> far as I can see. ECC is rolling out pretty wide in Europe now with new
>>>> electronic passports and other ecc cards.
>>>> So getting this fixed would be quite welcome, it's a small fix. I've
>>>> tested it on SafeNet HSMs myself right now.
>>>>
>>>>
>>>> Kind regards,
>>>> Tomas Gustavsson
>>>> PrimeKey Solutions AB
>>>>
>>>>
>>>> Lars Silvén wrote:
>>>>> -------- Forwarded Message --------
>>>>> From: Brad Wetmore <bradford.wetm...@sun.com>
>>>>> To: Lars Silvén <l...@primekey.se>
>>>>> Cc: security-dev@openjdk.java.net, Vinnie Ryan <vincent.r...@sun.com>
>>>>> Subject: Re: [security-dev 00550]: Re: ECC pkcs#11 bug
>>>>> Date: Thu, 05 Feb 2009 11:34:49 -0800
>>>>>
>>>>> Hi Lars,
>>>>>
>>>>> I was hoping that Vincent Ryan had already contacted you about this.
>>>>>
>>>>> I got redirected from ECC to work on the OpenJDK Bugzilla instance,
>>>>> which is rolling out very soon. Vincent took over the ECC work late
>>>>> last year along with your submission. The short answer is, between a
>>>>> lengthy customer escalation and bugzilla, I've been so heads down for
>>>>> the last 4 months, I'm not sure how far he's gotten.
>>>>>
>>>>> Vinnie, can you provide more info?
>>>>>
>>>>> Brad
>>>>>
>>>>>
>>>>> Lars Silvén wrote:
>>>>>> Brad,
>>>>>>
>>>>>> Any news about the p11 ECC bug?
>>>>>>
>>>>>> When will it be fixed?
>>>>>>
>>>>>>
>>>>>> Best Regards,
>>>>>> Lars
>>>>>>
>>>>>>
>>>>>>
>>>>>> Lars Silvén wrote:
>>>>>>> Hello,
>>>>>>>
>>>>>>> Thank you for taking care of this.
>>>>>>> We want this fix in both JDK 6 and 7. I'd like to know the release date
>>>>>>> for the fix in both versions if possible.
>>>>>>>
>>>>>>> Lars
>>>>>>>
>>>>>>> Brad Wetmore wrote:
>>>>>>>> Lars Silvén wrote:
>>>>>>>>> Hi Brad,
>>>>>>>>>
>>>>>>>>> Do you have everything you need to fix the bug?
>>>>>>>> I believe so. I haven't started looking at it closely yet, I'm still
>>>>>>>> mopping up several fires. Unfortunately, I'm the chef, busboy, and
>>>>>>>> bottle washer for several projects here.
>>>>>>>>
>>>>>>>>> Or is there anything more I could do to help?
>>>>>>>>>
>>>>>>>>> I have now also tested the nCipher HSM. To get their p11 working my
>>>>>>>>> patch had to be applied.
>>>>>>>>>
>>>>>>>>> Do you have any idea when the fix could be released?
>>>>>>>> Are you looking for JDK7, or 6?
>>>>>>>>
>>>>>>>> Brad
>>>>>>>>
>>>>>>>>> Best Regards
>>>>>>>>>
>>>>>>>>> Brad Wetmore wrote:
>>>>>>>>>> Lars Silvén wrote:
>>>>>>>>>>> Hi Brad,
>>>>>>>>>>>
>>>>>>>>>>> I have written a simple application that illustrates the problem:
>>>>>>>>>>> http://bunny.primekey.se/~lars/sunP11Bug/src/test/Main.java
>>>>>>>>>>>
>>>>>>>>>>> But you need a p11 module with ECC capability to run it. Do you have
>>>>>>>>>>> one?
>>>>>>>>>> Yes.
>>>>>>>>>>
>>>>>>>>>>> If not I could investigate if one of our HSM vendors could send you
>>>>>>>>>>> one.
>>>>>>>>>>> Also to verify that the public key actually is usable a JCA provider
>>>>>>>>>>> with ECC is needed.
>>>>>>>>>> I'm going to be working on adding ECC to the JCE provider for JDK 7.
>>>>>>>>>>
>>>>>>>>>> Thanks for the case.
>>>>>>>>>>
>>>>>>>>>> Brad
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> But for that you could use BouncyCastle.
>>>>>>>>>>> Start running the application without parameters and then you get a
>>>>>>>>>>> description of needed parameters.
>>>>>>>>>>>
>>>>>>>>>>> Lars
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Brad Wetmore wrote:
>>>>>>>>>>>> Great, thanks for doing so.
>>>>>>>>>>>>
>>>>>>>>>>>> I'll be working on this fairly soon, so I'll get a bug filed. Do you
>>>>>>>>>>>> have a standalone test case for this already? See step 3 of the
>>>>>>>>>>>> contribute page. If you do but you don't have it in jtreg format, I can
>>>>>>>>>>>> get it into the jtreg format.
>>>>>>>>>>>>
>>>>>>>>>>>> Brad
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Lars Silvén wrote:
>>>>>>>>>>>>> Here is my SCA!
>>>>>>>>>>>>>
>>>>>>>>>>>>> //Lars
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Brad Wetmore wrote:
>>>>>>>>>>>>>> Hi Lars,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> I have created a patch that is fixing the problem:
>>>>>>>>>>>>>> This is Brad Wetmore, I am the Security group Moderator, and also the
>>>>>>>>>>>>>> person who will be handling this when I get back to working on the Java
>>>>>>>>>>>>>> ECC implementation.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Unfortunately, I can't take your source contribution yet without a
>>>>>>>>>>>>>> signed copy of the Sun Contribution Agreement in place. This is done
>>>>>>>>>>>>>> for your protection as well as Sun's and the OpenJDK community's.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Please see the following link for more information:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> http://openjdk.java.net/contribute/
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> The Signatories of the SCA are eligible to donate code to all products
>>>>>>>>>>>>>> and projects owned or managed by Sun: signing it once means you can
>>>>>>>>>>>>>> contribute code to any Sun-sponsored open source project.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> If you have recently signed it and it hasn't yet appeared in our
>>>>>>>>>>>>>> database, just let me know.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Discussion of the problem is fine, it's just the source that we can't
>>>>>>>>>>>>>> take at this point.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Brad
>>>>>>>>>>>>> ------------------------------------------------------------------------
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>> What bug are we discussing here? I don't see any patch or bug ID.
>
> Ah, this sounds like a similar, if not the same bug as 6763530 which
> we discussed here:
>
> http://mail.openjdk.java.net/pipermail/security-dev/2009-September/001252.html
>
> I posted a patch for this some time ago, as you can see from the
> discussion, and then a revised version based on Michael StJohn's patch
>
> http://cr.openjdk.java.net/~andrew/6763530/webrev.02/
>
> but it has not yet been accepted into OpenJDK. The bug is due to the
> data being DER encoded. DER octet streams also start with a 4 but the
> length is different from that expected by the current code. The bug
> is triggered when newer versions of the NSS library are used for ECC
> support.

Excellent. Plenty of people are tripping into this bug. I hope some version of patches gets accepted soon!

What's keeping the patch from getting accepted?

Regards,
Tomas
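
The encoding mismatch discussed in this thread, as an added example that is not part of the original messages and is not the patch or webrev linked above: a decoder that accepts an EC point attribute either as the raw uncompressed point or as the same bytes wrapped in a DER OCTET STRING. The class and method names are hypothetical, the caller is assumed to know the field size from the curve parameters, and the sample bytes are constructed.

```java
import java.math.BigInteger;
import java.security.spec.ECPoint;
import java.util.Arrays;
// Added example: tolerant EC point attribute decoding. All names here are hypothetical.
class EcPointAttr {
    // If 'in' is exactly one DER OCTET STRING (tag 0x04, length, content), return the content; else null.
    static byte[] unwrapOctetString(byte[] in) {
        if (in.length < 2 || in[0] != 0x04) return null;
        int len = in[1] & 0xff, off = 2;
        if (len >= 0x80) {                       // long form: low 7 bits count the length bytes
            int count = len & 0x7f;
            if (count == 0 || count > 2 || in.length < 2 + count) return null;
            len = 0;
            for (int i = 0; i < count; i++) len = (len << 8) | (in[2 + i] & 0xff);
            off = 2 + count;
        }
        return in.length - off == len ? Arrays.copyOfRange(in, off, in.length) : null;
    }

    // Accepts the raw point (0x04 || X || Y) or the same bytes inside an OCTET STRING.
    static ECPoint decode(byte[] attr, int fieldBits) {
        int n = (fieldBits + 7) / 8;             // bytes per coordinate
        byte[] raw = attr;
        // Both forms start with 0x04, so the expected length decides which one this is.
        if (attr.length != 1 + 2 * n) raw = unwrapOctetString(attr);
        if (raw == null || raw.length != 1 + 2 * n || raw[0] != 0x04)
            throw new IllegalArgumentException("not an uncompressed point for a " + fieldBits + "-bit field");
        BigInteger x = new BigInteger(1, Arrays.copyOfRange(raw, 1, 1 + n));
        BigInteger y = new BigInteger(1, Arrays.copyOfRange(raw, 1 + n, raw.length));
        return new ECPoint(x, y);                // on-curve validation is left to the caller
    }
    public static void main(String[] args) {
        // Constructed sample bytes for a 256-bit field; not a real key and not on any curve.
        byte[] raw = new byte[65];
        raw[0] = 0x04;
        Arrays.fill(raw, 1, 33, (byte) 0x11);
        Arrays.fill(raw, 33, 65, (byte) 0x22);
        byte[] wrapped = new byte[67];           // 04 41 || raw
        wrapped[0] = 0x04; wrapped[1] = 0x41;
        System.arraycopy(raw, 0, wrapped, 2, 65);
        System.out.println("same point: " + decode(raw, 256).equals(decode(wrapped, 256)));
        try {
            decode(Arrays.copyOf(wrapped, 66), 256);   // truncated: declared length no longer matches
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```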