JDK-8161571: Verifying ECDSA signatures permits trailing bytes

    Details

    • Resolved In Build:
      b129
    • CPU:
      generic
    • OS:
      generic
    • Verification:
      Verified

        Description

        FULL PRODUCT VERSION :
        openjdk version "1.8.0_92"
        OpenJDK Runtime Environment (build 1.8.0_92-b14)
        OpenJDK 64-Bit Server VM (build 25.92-b14, mixed mode)

        ADDITIONAL OS VERSION INFORMATION :
        Linux nicks-dryden 4.5.7-200.fc23.x86_64 #1 SMP Wed Jun 8 17:41:50 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

        EXTRA RELEVANT SYSTEM CONFIGURATION :
        Version of sunec.jar:

        unzip -p /usr/lib/jvm/jre/lib/ext/sunec.jar META-INF/MANIFEST.MF
        Manifest-Version: 1.0
        Implementation-Title: Java Runtime Environment
        Implementation-Version: 1.8.0_92
        Specification-Vendor: Oracle Corporation
        Specification-Title: Java Platform API Specification
        Implementation-Vendor-Id: com.sun
        Extension-Name: javax.crypto
        Specification-Version: 1.8
        Created-By: 1.8.0_92 (Oracle Corporation)
        Implementation-Vendor: N/A

        A DESCRIPTION OF THE PROBLEM :
        When verifying ECDSA signatures, the SunEC provider does not validate the signature length, allowing signatures with bogus trailing bytes to be allowed.

        Having stepped through the source code, the problem is in sun.security.ec.ECDSASignature; the decodeSignature() method unpacks the DER signature but does not check for trailing bytes.


        REPRODUCIBILITY :
        This bug can be reproduced always.
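An illustration of the defect class described in this report, added here as an example (it is neither the JDK's code nor the reporter's): a lax DER decoder for SEQUENCE { INTEGER r, INTEGER s } that stops reading once the SEQUENCE is consumed and so ignores bytes appended after it, beside a strict decoder that requires the SEQUENCE to span the whole input. All function names and the sample r/s values are constructed for the example.

```python
"""Strict vs. lax DER decoding of an ECDSA signature.

An ECDSA signature is DER-encoded as  SEQUENCE { INTEGER r, INTEGER s }.
A decoder that stops once the SEQUENCE has been consumed, without checking
that the input ends there, accepts any bytes appended after it.  The lax
and strict decoders below are illustrative, not the JDK's implementation;
names and sample values are constructed.
"""


class DERError(ValueError):
    """Raised for any encoding the strict rules reject."""


def _read_length(buf: bytes, pos: int) -> tuple[int, int]:
    """Decode a DER length at buf[pos]; return (length, position after it).

    DER requires the minimal length encoding: long form only for values
    >= 128, and without leading zero octets.
    """
    if pos >= len(buf):
        raise DERError("truncated length")
    first = buf[pos]
    pos += 1
    if first < 0x80:
        return first, pos
    n = first & 0x7F
    if n == 0 or n > 4:
        raise DERError("indefinite or oversized length")
    if pos + n > len(buf):
        raise DERError("truncated long-form length")
    length = int.from_bytes(buf[pos:pos + n], "big")
    if length < 0x80 or buf[pos] == 0:
        raise DERError("non-minimal length encoding")
    return length, pos + n


def _read_integer(buf: bytes, pos: int) -> tuple[int, int]:
    """Decode a non-negative DER INTEGER at buf[pos]; return (value, new position)."""
    if pos >= len(buf) or buf[pos] != 0x02:
        raise DERError("expected INTEGER")
    length, pos = _read_length(buf, pos + 1)
    if length == 0 or pos + length > len(buf):
        raise DERError("bad INTEGER length")
    content = buf[pos:pos + length]
    # DER forbids a leading 0x00 unless it is needed to keep the sign bit clear.
    if length > 1 and content[0] == 0 and not (content[1] & 0x80):
        raise DERError("non-minimal INTEGER")
    if content[0] & 0x80:
        raise DERError("negative INTEGER is not valid for r or s")
    return int.from_bytes(content, "big"), pos + length


def _read_sequence(buf: bytes) -> tuple[int, int, int]:
    """Parse SEQUENCE { INTEGER r, INTEGER s }; return (r, s, end of SEQUENCE)."""
    if len(buf) < 2 or buf[0] != 0x30:
        raise DERError("expected SEQUENCE")
    length, pos = _read_length(buf, 1)
    end = pos + length
    if end > len(buf):
        raise DERError("SEQUENCE overruns input")
    r, pos = _read_integer(buf, pos)
    s, pos = _read_integer(buf, pos)
    if pos != end:
        raise DERError("SEQUENCE contains extra elements")
    return r, s, end


def decode_lax(sig: bytes) -> tuple[int, int]:
    """Lax decoder: anything after the SEQUENCE is silently ignored (the reported defect)."""
    r, s, _ = _read_sequence(sig)
    return r, s


def decode_strict(sig: bytes) -> tuple[int, int]:
    """Strict decoder: the SEQUENCE must account for every input byte."""
    r, s, end = _read_sequence(sig)
    if end != len(sig):
        raise DERError(f"{len(sig) - end} trailing byte(s) after signature")
    return r, s


def _encode_integer(v: int) -> bytes:
    # Extra octet is added only when the top bit would otherwise read as a sign bit.
    body = v.to_bytes((v.bit_length() + 8) // 8, "big")
    return b"\x02" + bytes([len(body)]) + body


def encode_signature(r: int, s: int) -> bytes:
    """Minimal DER encoder for SEQUENCE { INTEGER r, INTEGER s } (short-form lengths only)."""
    body = _encode_integer(r) + _encode_integer(s)
    assert len(body) < 0x80, "example encoder handles short-form lengths only"
    return b"\x30" + bytes([len(body)]) + body


def accepts(decoder, sig: bytes) -> bool:
    """True if `decoder` parses `sig` without raising DERError."""
    try:
        decoder(sig)
        return True
    except DERError:
        return False


if __name__ == "__main__":
    # Constructed sample values; real P-256 r and s are up to 256 bits.
    good = encode_signature(0x1234ABCD, 0x7F00FF)
    tampered = good + b"\x00\x41\x42"  # the same signature with three bytes appended
    print("lax    accepts good / tampered:", accepts(decode_lax, good), accepts(decode_lax, tampered))
    print("strict accepts good / tampered:", accepts(decode_strict, good), accepts(decode_strict, tampered))
```

The check that matters is the single comparison in decode_strict: once the outer SEQUENCE has been consumed, the position must equal the input length. Without it, many distinct byte strings decode to the same (r, s) and therefore verify for the same message, which breaks any assumption that a valid signature over a given message and key is a unique byte string.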

          Activity

          hgupdate HG Updates added a comment -
          URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/714224061029
          User: vinnie
          Date: 2016-07-22 15:10:24 +0000
          hgupdate HG Updates added a comment -
          URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/714224061029
          User: amurillo
          Date: 2016-07-27 18:24:09 +0000
          afomin Alexander Fomin (Inactive) added a comment -
          No product issues found during recent nightly. UR SQE Ok to take the fix to CPU17_01.

            People

            • Assignee:
              vinnie Vincent Ryan
            • Reporter:
              webbuggrp Webbug Group
            • Votes:
              0
            • Watchers:
              7
