From harmony-commits-return-18309-apmail-incubator-harmony-commits-archive=incubator.apache.org@incubator.apache.org Fri Nov 10 11:55:02 2006 Return-Path: Delivered-To: apmail-incubator-harmony-commits-archive@www.apache.org Received: (qmail 22995 invoked from network); 10 Nov 2006 11:55:00 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 10 Nov 2006 11:55:00 -0000 Received: (qmail 67818 invoked by uid 500); 10 Nov 2006 11:55:11 -0000 Delivered-To: apmail-incubator-harmony-commits-archive@incubator.apache.org Received: (qmail 67799 invoked by uid 500); 10 Nov 2006 11:55:11 -0000 Mailing-List: contact harmony-commits-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: harmony-dev@incubator.apache.org Delivered-To: mailing list harmony-commits@incubator.apache.org Received: (qmail 67788 invoked by uid 99); 10 Nov 2006 11:55:11 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 10 Nov 2006 03:55:11 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 10 Nov 2006 03:54:58 -0800 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 6D8207142FC for ; Fri, 10 Nov 2006 03:54:38 -0800 (PST) Message-ID: <995008.1163159678445.JavaMail.jira@brutus> Date: Fri, 10 Nov 2006 03:54:38 -0800 (PST) From: "Alexander Kleymenov (JIRA)" To: harmony-commits@incubator.apache.org Subject: [jira] Commented: (HARMONY-2125) [classlib][crypto] RSA Cipher implementation corrupts the data In-Reply-To: <15588445.1163073997342.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ http://issues.apache.org/jira/browse/HARMONY-2125?page=comments#action_12448713 ] Alexander Kleymenov commented on HARMONY-2125: ---------------------------------------------- According to the explanations received from developers of BC provider [1], the transformation string used for RSA Cipher instantiating should be extended with padding information (i.e. instead of "RSA", "RSA/ECB/PKCS1Padding" or something like this should be used). The problem in Harmony should disappear after application of the patch from HARMONY-2029 report. [1] http://www.bouncycastle.org/devmailarchive/msg06862.html : Alexander Kleymenov wrote: > Hello, > > While working on Apache Harmony project > (http://incubator.apache.org/harmony) I've discovered the following > problem with RSA Cipher implemented in BC Provider. If the data to be > encrypted has leading zero bytes they disappeared after > encryption/decryption by RSA Cipher. I've filed the bug report in > Harmony project containing the description of the problem and the test > to reproduce it. Please, see the report at: > > http://issues.apache.org/jira/browse/HARMONY-2125 Are you using some padding? If not, you are using RSA in a wrong way. You use plain RSA. And plain RSA accepts only a number between 0 and the modulus-1. So 0001 is the same as 1. And what the implementation does is correct. You should use some padding scheme, e.g. OAEP or PKCS#1. If you want to use plain RSA you must at least include a leading bit or length indicator. But I would not suggest to do so, because in your example you only use 10 bytes from the whole modulus length of e.g. 1024 bit. That means for a known plain text attack except the last 10 bytes all are known. Well, a self invented scheme is very likely to be insecure. Regards, Karsten > > Thank you, > Alexander Kleymenov > > [classlib][crypto] RSA Cipher implementation corrupts the data > -------------------------------------------------------------- > > Key: HARMONY-2125 > URL: http://issues.apache.org/jira/browse/HARMONY-2125 > Project: Harmony > Issue Type: Bug > Components: Classlib > Reporter: Alexander Kleymenov > Attachments: cipherbug.java > > > RSA Cipher implementation used in Harmony corrupts the input data. So the data array with the leading zero bytes after encryption-decryption cycle results in array without leading zero bytes. To reproduce the problem run the attached test. Its output on Harmony is as follows: > > ----------------------- > Initial data: > 1 2 3 4 5 6 7 8 9 A B > Encrypted and Decrypted: > 1 2 3 4 5 6 7 8 9 A B > PASSED > ----------------------- > Initial data: > 0 1 2 3 4 5 6 7 8 9 A > Encrypted and Decrypted: > 1 2 3 4 5 6 7 8 9 A > FAILED: Encrypted/Decrypted data does not equal to initial > > while on RI the output is: > > ----------------------- > Initial data: > 1 2 3 4 5 6 7 8 9 A B > Encrypted and Decrypted: > 1 2 3 4 5 6 7 8 9 A B > PASSED > ----------------------- > Initial data: > 0 1 2 3 4 5 6 7 8 9 A > Encrypted and Decrypted: > 0 1 2 3 4 5 6 7 8 9 A > PASSED > > This problem causes unstable failure of the following unit test: > > org.apache.harmony.tests.internal.net.www.protocol.https.HttpsURLConnectionTest -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira