search

bcgit / bc-java

Bouncy Castle Java Distribution (Mirror)
https://www.bouncycastle.org/java.html
MIT License
2.29k stars 1.14k forks source link

Are there any plans to fix BouncyCastle for specs fixed in JDK-8242151? #1433

Open ogwwkn opened 1 year ago

ogwwkn commented 1 year ago

In the program I maintain, I get the algorithm parameters with "encryptedPrivateKeyInfo.getAlgParameters()" in order to decrypt the data encrypted with "AES128-CBC-NoPadding". This method returned a value in JDK8u361, but returned null in JDK8u371. When I contacted Oracle, I was told that JDK-8242151, which was fixed in JDK8u371, changed the specification of the value obtained by "EncryptedPrivateKeyInfo.getAlgName()" from the object ID to the encryption algorithm name. Do you have any plans to support the specification change in this JDKu371?

Java sample

package com.sample;

import java.security.AlgorithmParameters;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.Security;

import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class EncryptedPrivateKeyInfoSample {

  public static void main(String[] args) throws Exception {
    // Register BouncyCastle as a provider.
    Security.insertProviderAt(new BouncyCastleProvider(), 6);

    // Craete iv
    byte[] iv = new byte[16];
    SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
    secureRandom.nextBytes(iv);

    String keypass = "sample";

    // Create keyspec
    MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
    byte[] salt = messageDigest.digest(iv);
    SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
    PBEKeySpec pbeKeySpec = new PBEKeySpec(keypass.toCharArray(), salt, 1000, 128);
    SecretKey pbeSecretKey = secretKeyFactory.generateSecret(pbeKeySpec);
    SecretKey secretKey = new SecretKeySpec(pbeSecretKey.getEncoded(), "AES");

    // Encrypt with aes128-CBC
    AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("2.16.840.1.101.3.4.1.2");
    IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
    algorithmParameters.init(ivParameterSpec);
    Cipher cipher = Cipher.getInstance("2.16.840.1.101.3.4.1.2");
    cipher.init(Cipher.ENCRYPT_MODE, secretKey, algorithmParameters);

    byte[] encryptedPrivateKeyBytes = cipher.doFinal("targetItem16byte".getBytes());

    // Create encryptedPrivateKeyInfo
    EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(
        algorithmParameters, encryptedPrivateKeyBytes);

    // This is "AES IV"
    System.out.println(encryptedPrivateKeyInfo.getAlgParameters());

    // Convert to bytes and do the same.
    byte[] encryptedByte = encryptedPrivateKeyInfo.getEncoded();
    EncryptedPrivateKeyInfo encryptedPrivateKeyInfoFromByte = new EncryptedPrivateKeyInfo(encryptedByte);

    // This is "AES IV" up to JDK8u361, but null in JDK8u371 due to "JDK-8242151"
    System.out.println(encryptedPrivateKeyInfoFromByte.getAlgParameters());
  }

}
dghgit commented 1 year ago

So I just tried this on JDK8u372 and it seems to have gone back to working, maybe they found a way of fixing the fix. Is that your experience?

ogwwkn commented 1 year ago

Thank you for your comment. I have confirmed that it works fine with OpenJDK8u372. However, it returned null for OracleJDK8u371 and OracleJDK8u381. It seems that OpenJDK8 and OracleJDK8 behave differently. The one I'm using is OracleJDK8.