Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jdk22 OpenJDK com/sun/crypto/provider/Cipher/AEAD/AEADBufferTest - javax.crypto.ShortBufferException: Need at least 130 bytes of space in output buffer #18703

Closed
pshipton opened this issue Jan 5, 2024 · 8 comments
Closed

jdk22 OpenJDK com/sun/crypto/provider/Cipher/AEAD/AEADBufferTest - javax.crypto.ShortBufferException: Need at least 130 bytes of space in output buffer #18703

pshipton opened this issue Jan 5, 2024 · 8 comments
Labels
comp:crypto jdk22 test failure
Milestone
Java 22 (0.45)

Comments

@pshipton
Copy link
Member

pshipton commented Jan 5, 2024

https://openj9-jenkins.osuosl.org/job/Test_openjdk22_j9_sanity.openjdk_aarch64_mac_Personal_testList_2/1
jdk_security2
com/sun/crypto/provider/Cipher/AEAD/AEADBufferTest.java

16:06:12  Algo: ChaCha20-Poly1305 	Ops: [HEAP, HEAP]
16:06:12  Encrypt:  Data Index: 1
16:06:12  	input len: 114  inOfs 0  outOfs 0  in/out buffer: different
16:06:12  	input len: 114  inOfs 0  outOfs 0  in/out buffer: in-place
16:06:12  Decrypt:  Data Index: 1
16:06:12  	input len: 130  inOfs 0  outOfs 0  in/out buffer: different
16:06:12  	input len: 130  inOfs 0  outOfs 0  in-place: same
16:06:12  javax.crypto.ShortBufferException: Need at least 130 bytes of space in output buffer
16:06:12  	at java.base/javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:753)
16:06:12  	at java.base/javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:723)
16:06:12  	at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2555)
16:06:12  	at AEADBufferTest.cryptoSameBuffer(AEADBufferTest.java:635)
16:06:12  	at AEADBufferTest.decrypt(AEADBufferTest.java:364)
16:06:12  	at AEADBufferTest.test(AEADBufferTest.java:317)
16:06:12  	at AEADBufferTest.main(AEADBufferTest.java:783)
@pshipton pshipton added this to the Java 22 milestone Jan 5, 2024
@pshipton
Copy link
Member Author

pshipton commented Jan 16, 2024
edited
Loading

https://openj9-jenkins.osuosl.org/job/Test_openjdk22_j9_sanity.openjdk_aarch64_linux_Nightly_testList_2/1
jdk_security2_0
com/sun/crypto/provider/Cipher/AEAD/AEADBufferTest.java

22:25:49  java.security.ProviderException: Error in Native CipherBlockChaining
22:25:49  	at java.base/com.sun.crypto.provider.NativeChaCha20Cipher$EngineAEADEnc.doUpdate(NativeChaCha20Cipher.java:1026)
22:25:49  	at java.base/com.sun.crypto.provider.NativeChaCha20Cipher$EngineAEADEnc.doFinal(NativeChaCha20Cipher.java:1045)
22:25:49  	at java.base/com.sun.crypto.provider.NativeChaCha20Cipher.engineDoFinal(NativeChaCha20Cipher.java:782)
22:25:49  	at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2470)
22:25:49  	at AEADBufferTest.cryptoSameBuffer(AEADBufferTest.java:630)
22:25:49  	at AEADBufferTest.encrypt(AEADBufferTest.java:342)
22:25:49  	at AEADBufferTest.test(AEADBufferTest.java:314)
22:25:49  	at AEADBufferTest.offsetTests(AEADBufferTest.java:661)
22:25:49  	at AEADBufferTest.main(AEADBufferTest.java:769)
22:25:49  	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
22:25:49  	at java.base/java.lang.reflect.Method.invoke(Method.java:586)
22:25:49  	at com.sun.javatest.regtest.agent.MainActionHelper$AgentVMRunnable.run(MainActionHelper.java:333)
22:25:49  	at java.base/java.lang.Thread.run(Thread.java:1582)
22:25:49  
22:25:49  JavaTest Message: Test threw exception: java.security.ProviderException
22:25:49  JavaTest Message: shutting down test
22:25:49  
22:25:49  stderr:
22:25:49  An OpenSSL error occurred
22:25:49  error:060DB0A2:digital envelope routines:evp_EncryptDecryptUpdate:partially overlapping buffers

@babsingh babsingh mentioned this issue Jan 24, 2024
Merged
@pshipton
Copy link
Member Author

pshipton commented Feb 5, 2024
edited
Loading

https://openj9-jenkins.osuosl.org/job/Test_openjdk22_j9_sanity.openjdk_aarch64_linux_Nightly_testList_1/3
jdk_security2_1
com/sun/crypto/provider/Cipher/AEAD/OverlapByteBuffer.java

22:22:56  STDOUT:
22:22:56  Using array-backed ByteBuffer
22:22:56  inOfsInBuf  = 1
22:22:56  outOfsInBuf = 0
22:22:56  stderr:
22:22:56  An OpenSSL error occurred
22:22:56  error:060DB0A2:digital envelope routines:evp_EncryptDecryptUpdate:partially overlapping buffers
22:22:56  STDERR:
22:22:56  java.lang.Exception: Error with base offset -1
22:22:56  	at OverlapByteBuffer.test(OverlapByteBuffer.java:170)
22:22:56  	at OverlapByteBuffer.main(OverlapByteBuffer.java:60)
22:22:56  	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
22:22:56  	at java.base/java.lang.reflect.Method.invoke(Method.java:586)
22:22:56  	at com.sun.javatest.regtest.agent.MainActionHelper$AgentVMRunnable.run(MainActionHelper.java:333)
22:22:56  	at java.base/java.lang.Thread.run(Thread.java:1582)
22:22:56  Caused by: java.security.ProviderException: Error in Native CipherBlockChaining
22:22:56  	at java.base/com.sun.crypto.provider.NativeChaCha20Cipher$EngineAEADEnc.doUpdate(NativeChaCha20Cipher.java:1026)
22:22:56  	at java.base/com.sun.crypto.provider.NativeChaCha20Cipher$EngineAEADEnc.doFinal(NativeChaCha20Cipher.java:1045)
22:22:56  	at java.base/com.sun.crypto.provider.NativeChaCha20Cipher.engineDoFinal(NativeChaCha20Cipher.java:782)
22:22:56  	at java.base/javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:788)
22:22:56  	at java.base/javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:723)
22:22:56  	at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2555)
22:22:56  	at OverlapByteBuffer.test(OverlapByteBuffer.java:141)
22:22:56  	... 5 more

Update exclude list adoptium/aqa-tests#5038

@pshipton
Copy link
Member Author

pshipton commented Feb 5, 2024

@jasonkatonica this will be blocking jdk22 GA unless we determine otherwise.

pshipton added a commit to pshipton/openjdk-tests that referenced this issue Feb 5, 2024
@pshipton
Exclude Cipher/AEAD/OverlapByteBuffer for OpenJ9
62b96f0 
Issue eclipse-openj9/openj9#18703

Signed-off-by: Peter Shipton <[email protected]>
@pshipton pshipton mentioned this issue Feb 5, 2024
Merged
karianna pushed a commit to adoptium/aqa-tests that referenced this issue Feb 6, 2024
@pshipton
Exclude Cipher/AEAD/OverlapByteBuffer for OpenJ9 (#5038)
c1c26f9 
Issue eclipse-openj9/openj9#18703

Signed-off-by: Peter Shipton <[email protected]>
@jasonkatonica
Copy link
Contributor

@pshipton we will look closer into this one sometime soon.

@jasonkatonica
Copy link
Contributor

This test is specifically testing overlapping input and output buffers that are being used for consumption of clear text and cipher text. The test fails on this line.

The Cipher documentation has a line mentioned as so:

Note: this method should be copy-safe, which means the input and output buffers can reference the same byte array and no unprocessed input data is overwritten when the result is copied into the output buffer.

In our case however for this cipher we call the openssl library. There are a few OpenSSL checks at spot1 and spot2 that could throw an error when calling this method in those two spots.

This test appears to have been modified about 3 weeks ago using this commit perhaps the additional coverage added for ChaCha20-Poly1305 ends up causing a failure to occur in OpenSSL.

@jasonkatonica
Copy link
Contributor

jasonkatonica commented Feb 6, 2024
edited
Loading

Given that there is javadoc surrounding expected behavior here for Cipher in the case of overlapping input and output buffers we have a few options to consider so far. We believe that this behavior has been present for a long period of time and users have not run into any issues so far although we believe this to be a real issue that needs to be addressed.

  1. Update OpenSSL to allow for overlapping buffers.
  2. Make and update to our OpenSSL cipher classes to copy the input or output buffer to a new location, perform the cryptographic operation, and then copy the result back to where it is expected. This will certainly affect performance although we would only do this when overlapping buffers are present. Given that this is currently not working this shouldn't be too big of a problem.
  3. Allow this to fail and we ignore the test.

We are currently considering option 2 above as our best option. Option 1 is outside of the teams scope without dedicating large amounts of time and Option 3 seems to violate what the public javadoc and expected behavior really should be from a functional perspective.

@jasonkatonica
Copy link
Contributor

Some further investigation needs to be done why the code located in this method is not already creating a copy of the buffer before it reaches the NativeChaCha20Cipher class. This method seems to have the logic we need in this case.

jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 11, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
e90e0c2 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 11, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
b397aa9 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 12, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
f095bf7 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 12, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
7a96771 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 12, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
c70bfe8 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 12, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
bacf1c1 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 12, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
73b1cc2 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk that referenced this issue Feb 13, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
25d5c81 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
@jasonkatonica jasonkatonica mentioned this issue Feb 13, 2024
Merged
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 13, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
7162e66 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk that referenced this issue Feb 13, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
824252e 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 14, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
735c0f2 
When using the ChaCha20 algorithms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer than necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 15, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
aab937e 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk that referenced this issue Feb 16, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
a52e523 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk22 that referenced this issue Feb 16, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
f19f267 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk21 that referenced this issue Feb 16, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
c76bd41 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk17 that referenced this issue Feb 16, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
075d934 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk11 that referenced this issue Feb 16, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
9963fa0 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk17 that referenced this issue Feb 16, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
85b06b6 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
This was referenced Feb 19, 2024
Merged
Merged
Merged
Merged
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk11 that referenced this issue Feb 21, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
c267d3d 
When using the ChaCha20 algorothms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer then necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/openj9-openjdk-jdk11 that referenced this issue Feb 21, 2024
@jasonkatonica
Avoid overlapping buffers in native ChaCha20
ecec125 
When using the ChaCha20 algorithms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the
ChaCha20 algorithm.

The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.

Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer than necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.

Each of these changes fix the two failing tests
reported in issue [18703](eclipse-openj9/openj9#18703).

Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica added a commit to jasonkatonica/aqa-tests that referenced this issue Feb 21, 2024
@jasonkatonica
Execute AEADBufferTest and OverlapByteBuffer tests
e1138b6 
Both of these tests can now be executed given the development of fixes
for issue eclipse-openj9/openj9#18703

Signed-off-by: Jason Katonica <[email protected]>
@jasonkatonica jasonkatonica mentioned this issue Feb 21, 2024
Merged
@jasonkatonica
Copy link
Contributor

This issue should now be fixed within the native chacha20 implementation and merged into JDK 11, 17, 21, 22, and the head stream. See associated PRs above for description on what was changed.

An additional PR was submitted to remove the previously failing tests from the ignore list for JDK 22 and 23.

JasonFengJ9 pushed a commit to adoptium/aqa-tests that referenced this issue Feb 21, 2024
@jasonkatonica
Execute AEADBufferTest and OverlapByteBuffer tests (#5085)
a78a201 
Both of these tests can now be executed given the development of fixes
for issue eclipse-openj9/openj9#18703

Signed-off-by: Jason Katonica <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
comp:crypto jdk22 test failure
Projects
None yet
Milestone
Java 22 (0.45)
Development

No branches or pull requests
3 participants
@tajila @pshipton @jasonkatonica