Gabriel Mair created WSS-726:
--------------------------------
Summary: Allow overriding EncryptedKeyProcessor#getAsymmetricDecryptedByte (Pkcs#11 example)
Key: WSS-726
URL: https://issues.apache.org/jira/browse/WSS-726
Project: WSS4J
Issue Type: Improvement
Components: WSS4J Core
Affects Versions: 4.0.1, 2.4.3
Environment: Java version: 21.0.9, vendor: Eclipse Adoptium
Tomcat 10.1.54 (Wss4j 4.0.1) or WebLogic (Wss4j 2.4.3)
Reporter: Gabriel Mair
Assignee: Colm O hEigeartaigh
Fix For: 2.4.4, 4.0.2
While testing the integration with PKCS#11 for Java 21 we found a couple of
blocking issues that would be easily fixed if it were possible to override
org.apache.wss4j.dom.processor.EncryptedKeyProcessor#getAsymmetricDecryptedBytes
in our project. This is not possible currently because the method is private
static and also because the getRandomKey method in the same class is private.
Problem 1:
PKCS#11 doesn't support OAEPPadding based on the javadoc of
sun.security.pkcs11.P11RSACipher ("We currently only support PKCS#1 v1.5
padding on top of CKM_RSA_PKCS"). With a dynamically initialized security
provider from Java SE, during decryption, Wss4j 4.0.2 (and 2.4.4) throws the
exception:
java.security.InvalidKeyException: No installed provider supports this key: sun.security.pkcs11.P11Key$P11RSAPrivateKeyInternal
    at java.base/javax.crypto.Cipher.chooseProvider(Cipher.java:963)
    at java.base/javax.crypto.Cipher.init(Cipher.java:1466)
    at java.base/javax.crypto.Cipher.init(Cipher.java:1393)
    at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getAsymmetricDecryptedBytes(EncryptedKeyProcessor.java:389)
    ... 66 common frames omitted
Caused by: javax.crypto.NoSuchPaddingException: Unsupported padding OAEPPadding
    at jdk.crypto.cryptoki/sun.security.pkcs11.P11RSACipher.engineSetPadding(P11RSACipher.java:138)
    at java.base/javax.crypto.Cipher$Transform.setModePadding(Cipher.java:396)
    at java.base/javax.crypto.Cipher.chooseProvider(Cipher.java:932)
By overriding the
org.apache.wss4j.dom.processor.EncryptedKeyProcessor#getAsymmetricDecryptedBytes
method we could perform the private-key operation as raw RSA (CKM_RSA_X_509,
"RSA/ECB/NoPadding") on the HSM token, and the OAEP padding removal could be
done programmatically with BouncyCastle, for example.
Problem 2:
A workaround for the above issue was to initialize the security provider
statically using a customized jar like LunaProvider for the Luna Cloud HSM.
While trying to unwrap the AES key from the SOAP header, the Luna security
provider throws com.safenetinc.luna.exception.LunaException: Key algorithm
'RSA/ECB/OAEPPadding' unknown at
com.safenetinc.luna.provider.key.LunaKey.GetKeyType(LunaKey.java:736) when the
underlying cipher is initialized in UNWRAP_MODE. The operation succeeds when
the cipher initialization is using DECRYPT_MODE.
This can be done by overriding the
org.apache.wss4j.dom.processor.EncryptedKeyProcessor#getAsymmetricDecryptedBytes
method and handling the initialization and decryption in our code.
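The approach described under Problem 1 (raw RSA private-key operation, OAEP removal in software), initialized in DECRYPT_MODE as in Problem 2, as an added example that is not part of the original message and is not WSS4J code. It uses a hand-written RFC 8017 OAEP decoder in place of BouncyCastle and a software key pair as a stand-in for the HSM key. Assumptions: SHA-1 for both the OAEP digest and MGF1, an empty label, and the hypothetical names `RawRsaOaepDemo`, `mgf1` and `oaepDecode`.

```java
import java.security.*;
import java.util.Arrays;
import javax.crypto.Cipher;
public class RawRsaOaepDemo {
    // MGF1 (RFC 8017, B.2.1): expand seed to len bytes with a 4-byte big-endian counter.
    static byte[] mgf1(MessageDigest md, byte[] seed, int len) {
        byte[] out = new byte[len];
        for (int c = 0, off = 0; off < len; c++, off += md.getDigestLength()) {
            md.update(seed);
            byte[] h = md.digest(new byte[] {(byte) (c >>> 24), (byte) (c >>> 16), (byte) (c >>> 8), (byte) c});
            System.arraycopy(h, 0, out, off, Math.min(h.length, len - off));
        }
        return out;
    }
    // EME-OAEP decoding (RFC 8017, 7.1.2 step 3) of a raw RSA result; k = modulus length in bytes.
    static byte[] oaepDecode(byte[] raw, int k, String hash) throws GeneralSecurityException {
        MessageDigest md = MessageDigest.getInstance(hash);
        int hLen = md.getDigestLength();
        if (raw.length > k || k < 2 * hLen + 2) throw new GeneralSecurityException("decryption error");
        byte[] em = new byte[k];                 // left-pad in case the provider dropped leading zeros
        System.arraycopy(raw, 0, em, k - raw.length, raw.length);
        byte[] seed = Arrays.copyOfRange(em, 1, 1 + hLen);
        byte[] db = Arrays.copyOfRange(em, 1 + hLen, k);
        byte[] seedMask = mgf1(md, db, hLen);
        for (int i = 0; i < hLen; i++) seed[i] ^= seedMask[i];
        byte[] dbMask = mgf1(md, seed, db.length);
        for (int i = 0; i < db.length; i++) db[i] ^= dbMask[i];
        byte[] lHash = md.digest();              // hash of the empty label
        int bad = em[0], sep = -1;               // the leading octet of EM must be zero
        for (int i = 0; i < hLen; i++) bad |= db[i] ^ lHash[i];
        for (int i = hLen; i < db.length && sep < 0; i++)
            if (db[i] != 0) { sep = i; bad |= db[i] ^ 1; }   // first non-zero octet must be 0x01
        if (bad != 0 || sep < 0) throw new GeneralSecurityException("decryption error"); // one generic error
        return Arrays.copyOfRange(db, sep + 1, db.length);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair kp = g.generateKeyPair();        // software stand-in for the token-resident key
        byte[] aesKey = MessageDigest.getInstance("SHA-256").digest(); // constructed 32-byte sample key
        Cipher enc = Cipher.getInstance("RSA/ECB/OAEPWithSHA-1AndMGF1Padding");
        enc.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        byte[] ct = enc.doFinal(aesKey);
        Cipher raw = Cipher.getInstance("RSA/ECB/NoPadding"); // on an HSM, request the PKCS#11 provider here
        raw.init(Cipher.DECRYPT_MODE, kp.getPrivate());       // DECRYPT_MODE rather than UNWRAP_MODE
        System.out.println(Arrays.equals(oaepDecode(raw.doFinal(ct), 256, "SHA-1"), aesKey));
    }
}
```

With this split the OAEP-encoded block leaves the token and is decoded in host memory, and the decoder above is not constant-time. A deployment should use a vetted OAEP implementation and return the same error for every decoding failure.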