bcgit / bc-java

Bouncy Castle Java Distribution (Mirror)
https://www.bouncycastle.org/java.html
MIT License

BC Approved mode on java-8 throws “FIPS SecureRandom security strength not as high as required for operation: DH” #1897

Closed hping2 closed 2 weeks ago

hping2 commented 2 weeks ago

Tried to turn on BC Approved mode on java-8 on the client side, but it throws “FIPS SecureRandom security strength not as high as required for operation: DH” when the server side has a DHE cipher such as TLS_DHE_RSA_WITH_AES_128_GCM_SHA256.

I tried to adjust java.security for a higher-strength secure random algorithm, but it did not help:

securerandom.strongAlgorithms=DRBG(SHA512):BCFIPS, SHA1PRNG:BCFIPS

securerandom.strongAlgorithms=DRBG:BCFIPS # not working

A lot more cases were tried; none of them worked.

We have the java.security like below:

security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider
security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS
security.provider.3=sun.security.provider.Sun
security.provider.4=sun.security.rsa.SunRsaSign
security.provider.5=sun.security.ec.SunEC
security.provider.6=com.sun.crypto.provider.SunJCE

keystore.type=FIPS

ssl.KeyManagerFactory.algorithm=PKIX
ssl.TrustManagerFactory.algorithm=PKIX

Error stack trace is like:

===
WARN  2024-11-04 19:35:00,932 [qtp1535243274-36] [processor: ; event: ] org.bouncycastle.jsse.provider.ProvTlsServer: [server #1 @5a3b3e2f] raised fatal(2) internal_error(80) alert: Failed to process record
org.bouncycastle.tls.crypto.TlsCryptoException: unable to create key pair
    at org.bouncycastle.tls.crypto.impl.jcajce.JceTlsDHDomain.generateKeyPair(JceTlsDHDomain.java:161) ~[bctls-fips-1.0.19.jar:1.0.19]
    at org.bouncycastle.tls.crypto.impl.jcajce.JceTlsDH.generateEphemeral(JceTlsDH.java:30) ~[bctls-fips-1.0.19.jar:1.0.19]
    at org.bouncycastle.tls.TlsDHEKeyExchange.generateServerKeyExchange(TlsDHEKeyExchange.java:81) ~[bctls-fips-1.0.19.jar:1.0.19]
    at org.bouncycastle.tls.TlsServerProtocol.handleHandshakeMessage(TlsServerProtocol.java:1164) ~[bctls-fips-1.0.19.jar:1.0.19]
    at org.bouncycastle.tls.TlsProtocol.processHandshakeQueue(TlsProtocol.java:715) [bctls-fips-1.0.19.jar:1.0.19]
    at org.bouncycastle.tls.TlsProtocol.processRecord(TlsProtocol.java:591) [bctls-fips-1.0.19.jar:1.0.19]
    at org.bouncycastle.tls.RecordStream.readFullRecord(RecordStream.java:209) ~[bctls-fips-1.0.19.jar:1.0.19]
    at org.bouncycastle.tls.TlsProtocol.safeReadFullRecord(TlsProtocol.java:926) [bctls-fips-1.0.19.jar:1.0.19]
    at org.bouncycastle.tls.TlsProtocol.offerInput(TlsProtocol.java:1368) [bctls-fips-1.0.19.jar:1.0.19]
    at org.bouncycastle.jsse.provider.ProvSSLEngine.unwrap(ProvSSLEngine.java:486) [bctls-fips-1.0.19.jar:1.0.19]
    at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:626) [?:1.8.0_402]
    at org.eclipse.jetty.io.ssl.SslConnection.unwrap(SslConnection.java:429) [jetty-io-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:718) [jetty-io-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.server.HttpConnection.fillRequestBuffer(HttpConnection.java:350) [jetty-server-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260) [jetty-server-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) [jetty-io-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) [jetty-io-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:555) [jetty-io-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:410) [jetty-io-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:164) [jetty-io-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) [jetty-io-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) [jetty-io-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) [jetty-util-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) [jetty-util-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) [jetty-util-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) [jetty-util-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409) [jetty-util-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) [jetty-util-9.4.53.v20231009.jar:9.4.53.v20231009]
    at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) [jetty-util-9.4.53.v20231009.jar:9.4.53.v20231009]
    at java.lang.Thread.run(Thread.java:750) [?:1.8.0_402]
Caused by: java.security.InvalidAlgorithmParameterException: FIPS SecureRandom security strength not as high as required for operation: DH
    at org.bouncycastle.jcajce.provider.ProvDH$KeyPairGeneratorSpi.initialize(Unknown Source) ~[bc-fips-1.0.2.5.jar:1.0.2.5]
    at org.bouncycastle.tls.crypto.impl.jcajce.JceTlsDHDomain.generateKeyPair(JceTlsDHDomain.java:156) ~[bctls-fips-1.0.19.jar:1.0.19]
    ... 29 more
Caused by: org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: FIPS SecureRandom security strength not as high as required for operation: DH
    at org.bouncycastle.crypto.fips.Utils.validateRandom(Unknown Source) ~[bc-fips-1.0.2.5.jar:1.0.2.5]
    at org.bouncycastle.crypto.fips.Utils.validateKeyPairGenRandom(Unknown Source) ~[bc-fips-1.0.2.5.jar:1.0.2.5]
    at org.bouncycastle.crypto.fips.FipsDH$KeyPairGenerator.<init>(Unknown Source) ~[bc-fips-1.0.2.5.jar:1.0.2.5]
    at org.bouncycastle.jcajce.provider.ProvDH$KeyPairGeneratorSpi.initialize(Unknown Source) ~[bc-fips-1.0.2.5.jar:1.0.2.5]
    at org.bouncycastle.tls.crypto.impl.jcajce.JceTlsDHDomain.generateKeyPair(JceTlsDHDomain.java:156) ~[bctls-fips-1.0.19.jar:1.0.19]
    ... 29 more

hping2 commented 2 weeks ago

I think this is our programmatic error; the issue can be closed as invalid.
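
A diagnostic for the failure in the stack trace above, added here as an example (it is not code from this thread or from the Bouncy Castle project): it repeats the DH key pair generation step at the JCA layer with several SecureRandom sources and reports which ones the BCFIPS provider accepts. It assumes bc-fips is on the classpath with BCFIPS registered as in the posted java.security; the class name `DhRandomCheck`, the 2048-bit key size and the choice of candidates are assumptions made for illustration.

```java
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.util.concurrent.Callable;

import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.fips.FipsDRBG;
import org.bouncycastle.crypto.util.BasicEntropySourceProvider;

// Hypothetical diagnostic class, not part of bc-java or bc-fips.
public class DhRandomCheck {

    // Build the SecureRandom, then run the same step that fails in the trace
    // (DH KeyPairGenerator initialisation with an explicit SecureRandom).
    static void check(String label, Callable<SecureRandom> source) {
        try {
            SecureRandom random = source.call();
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", "BCFIPS");
            kpg.initialize(2048, random); // key size is an assumption
            kpg.generateKeyPair();
            System.out.printf("%-36s OK   (%s)%n", label, random.getAlgorithm());
        } catch (Throwable t) {
            // Throwable on purpose: the trace shows FipsUnapprovedOperationError,
            // which a catch of Exception alone could miss.
            System.out.printf("%-36s FAIL %s: %s%n",
                    label, t.getClass().getSimpleName(), t.getMessage());
        }
    }

    public static void main(String[] args) {
        System.out.println("approved-only mode: "
                + CryptoServicesRegistrar.isInApprovedOnlyMode());

        // What the JVM hands out by default and via securerandom.strongAlgorithms.
        check("new SecureRandom()", () -> new SecureRandom());
        check("SecureRandom.getInstanceStrong()", () -> SecureRandom.getInstanceStrong());
        check("getInstance(\"DEFAULT\", \"BCFIPS\")",
                () -> SecureRandom.getInstance("DEFAULT", "BCFIPS"));

        // A DRBG built explicitly with a stated 256-bit security strength.
        check("FipsDRBG SHA512_HMAC, strength 256", () -> {
            SecureRandom seed = new SecureRandom();
            byte[] nonce = new byte[32];
            seed.nextBytes(nonce);
            return FipsDRBG.SHA512_HMAC
                    .fromEntropySource(new BasicEntropySourceProvider(seed, true))
                    .setSecurityStrength(256)
                    .setEntropyBitsRequired(256)
                    .build(nonce, true);
        });
    }
}
```

Run it with the same JVM options and java.security file as the failing application, so that the provider order and approved-mode setting match.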