Closed GoogleCodeExporter closed 3 years ago
Original comment by jtu...@gmail.com
on 2 Mar 2013 at 9:40
For easier debugging here is a test case that always fails. This signature was
produced by the sign method in Java and correctly verifies in the Python
implementation, so the error is most likely somewhere in the Java verifier.
I'll get back to this when I have time.
    @Test
    public final void testDsaEdgeCase() throws Exception {
      UnversionedSigner signer = new UnversionedSigner(TEST_DATA + "/dsa");
      // DER-encoded DSA signature: SEQUENCE { INTEGER r (20 bytes),
      // INTEGER s (21 bytes including the leading 0x00) }.
      byte[] failingSig = {48, 45, 2, 20, 36, 42, 41, -111, 51, -108, -51, 19, 23,
          50, -61, -58, 49, -24, 72, 73, -99, 37, 1, 118, 2, 21, 0, -105, -48,
          -71, -86, -21, 35, 43, 26, 16, 59, 50, -2, -8, 124, -67, 95, -41, 85, -52, -34};
      assertTrue(signer.verify(inputBytes, failingSig));
    }
Original comment by dlundb...@google.com
on 1 Jul 2013 at 9:31
The problem is that one of the keys in the testdata has a q value much smaller
than the other one. This means that if any r or s is bigger than that q, the
verification will fail. Instead of returning false in this case, the Java crypto
library will throw the error we see above. This error will stop execution
instead of continuing iterating to check if another key will verify the message.
It is pretty clear the error needs to be caught and then continue iterating
through the potential keys. Here is my proposed fix.
https://code.google.com/p/keyczar/source/detail?r=f5aee98336662c6486d33df9288b11469314d406&name=fix_flaky_signer_test
Original comment by dlundb...@google.com
on 3 Jul 2013 at 11:16
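The failure mode described in the comment above, as an added example that is not Keyczar's code or the linked fix: a verifier that tries several DSA keys must treat an exception from one key as "this key does not verify" and move on, returning false only after every key has been tried. The class and method names are hypothetical, and it assumes the default JDK provider gives the 1024-bit key a smaller q than the 2048-bit key.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
import java.util.List;

public class MultiKeyDsaVerify {

    // Returns true if any candidate key verifies sig over data; fails closed otherwise.
    static boolean verifyWithAnyKey(List<PublicKey> keys, byte[] data, byte[] sig)
            throws NoSuchAlgorithmException {
        for (PublicKey key : keys) {
            try {
                Signature verifier = Signature.getInstance("SHA256withDSA");
                verifier.initVerify(key);
                verifier.update(data);
                if (verifier.verify(sig)) {
                    return true;
                }
            } catch (SignatureException | InvalidKeyException e) {
                // This key cannot verify the signature (for example r or s is
                // not below its q). Count it as a miss and try the next key.
            }
        }
        return false;
    }

    static KeyPair dsaKeyPair(int bits) throws NoSuchAlgorithmException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("DSA");
        gen.initialize(bits);
        return gen.generateKeyPair();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input and freshly generated keys, not Keyczar test data.
        byte[] data = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        KeyPair smallQ = dsaKeyPair(1024); // assumption: smaller q than the key below
        KeyPair largeQ = dsaKeyPair(2048);

        Signature signer = Signature.getInstance("SHA256withDSA");
        signer.initSign(largeQ.getPrivate());
        signer.update(data);
        byte[] sig = signer.sign();

        // The small-q key is tried first, so the loop has to get past it.
        List<PublicKey> keys = Arrays.asList(smallQ.getPublic(), largeQ.getPublic());
        System.out.println("both keys: " + verifyWithAnyKey(keys, data, sig));
        System.out.println("small-q key only: " + verifyWithAnyKey(
                Arrays.asList(smallQ.getPublic()), data, sig));
    }
}
```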
I think patching code that's over a year out of date becomes problematic when
that method has changed entirely since then from both Shawn's keygen_refactor
and my keyhash collision support which effectively had the same result of
continuing to verify keys.
https://code.google.com/r/jtuley-keyczar-dev/source/browse/java/code/src/org/keyczar/UnversionedVerifier.java?name=java%2Fall#101
Original comment by jtu...@gmail.com
on 4 Jul 2013 at 3:52
Also this relates to issue 107, which notes there are several RuntimeExceptions
that could also be thrown.
Original comment by jtu...@gmail.com
on 4 Jul 2013 at 4:13
Here's the fix for the updated code, just to get rid of the flakiness.
https://code.google.com/p/keyczar/source/detail?r=ba02033c09eda55cf8ca1b71f59e07299e62887d&name=fix_flaky_signer_test
Original comment by dlundb...@google.com
on 20 Aug 2013 at 10:19
Original comment by dlundb...@google.com
on 9 Sep 2013 at 5:45
Original issue reported on code.google.com by
norma...@google.com
on 27 Oct 2011 at 6:59