On Thu, 25 May 2023 00:11:54 GMT, Valerie Peng <valer...@openjdk.org> wrote:

>> Martin Balao has updated the pull request incrementally with one additional 
>> commit since the last revision:
>> 
>>   8301553: Support Password-Based Cryptography in SunPKCS11 (iteration #3)
>>   
>>   Co-authored-by: Francisco Ferrari <fferr...@redhat.com>
>>   Co-authored-by: Martin Balao <mba...@redhat.com>
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PBECipher.java 
> line 112:
> 
>> 110:         return pbes2Params.getAlgorithmParameters(
>> 111:                 blkSize, pbeAlg, P11Util.getSunJceProvider(),
>> 112:                 JCAUtil.getSecureRandom());
> 
> The random source should be the one supplied through 
> CipherSpi.engineInit(...) call if there is one available (see line 118). 
> There is Cipher javadoc specifying this.

Good point. As I see it, the problem is not in the random source itself but in 
the values. There are a couple of P11PBECipher::engineInit paths in which 
P11PBECipher initialization succeeds but the pbes2Params does not have the 
salt, iCount and ivSpec in use. These paths are those in which the P11 key was 
already derived (it's a P11PBEKey): we check consistency but record nothing for 
future P11PBECipher::engineGetParameters calls. I think that we can get the 
right values from the P11PBEKey and PBEParameterSpec. Notice that if the ivSpec 
is not passed, its value could be randomly generated in the underlying Cipher. 
@franferrax what do you think?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/12396#discussion_r1206085880
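The contract under discussion, as an added example that is not part of the PR or this thread: after `init()` with a `PBEParameterSpec` that carries no IV, `getParameters()` must hand back the salt, iteration count and the IV the provider actually generated (drawn from the `SecureRandom` passed to `init()`), and those parameters alone must let a decryptor recover the plaintext. The example uses the SunJCE PBES2 cipher so it runs on a stock JDK; the salt, password and plaintext are constructed sample values.

```java
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

public class PbeParamsRoundTrip {
    public static void main(String[] args) throws Exception {
        String alg = "PBEWithHmacSHA256AndAES_128";
        SecureRandom random = new SecureRandom();

        // Constructed sample values: a random 16-byte salt and a fixed iteration count.
        byte[] salt = new byte[16];
        random.nextBytes(salt);
        int iCount = 10_000;

        SecretKey key = SecretKeyFactory.getInstance(alg)
                .generateSecret(new PBEKeySpec("sample-password".toCharArray()));

        // No IV is supplied here, so the provider has to generate one; the JCA contract
        // says it must take it from the SecureRandom handed to init(), not its own source.
        Cipher enc = Cipher.getInstance(alg);
        enc.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(salt, iCount), random);
        byte[] ct = enc.doFinal("sample plaintext".getBytes(StandardCharsets.UTF_8));

        // getParameters() must reflect the salt, iteration count and IV actually in use.
        AlgorithmParameters params = enc.getParameters();
        PBEParameterSpec used = params.getParameterSpec(PBEParameterSpec.class);
        if (!Arrays.equals(used.getSalt(), salt)
                || used.getIterationCount() != iCount
                || !(used.getParameterSpec() instanceof IvParameterSpec)) {
            throw new IllegalStateException("getParameters() does not match what init() used");
        }

        // A decryptor holding only the AlgorithmParameters object must recover the plaintext.
        Cipher dec = Cipher.getInstance(alg);
        dec.init(Cipher.DECRYPT_MODE, key, params);
        byte[] pt = dec.doFinal(ct);
        System.out.println(new String(pt, StandardCharsets.UTF_8));
    }
}
```

Running the same round trip against the SunPKCS11 provider (`Cipher.getInstance(alg, "SunPKCS11-...")`) is the check that exposes the engineInit paths the reply describes, where initialization succeeds but the recorded parameters are empty.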
