[OSJ-112] IDP 3.1 Wrong keysize

Created: 16/Mar/15    Updated: 16/Mar/15    Resolved: 16/Mar/15

Status: Closed
Project: OpenSAML - Java
Component/s: Security
Affects Version/s: 3.1.0
Fix Version/s: 3.1.1

Type: Bug
Reporter: [email protected]
Resolution: Fixed
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment: RHEL 6.6 JDK 8 r40 Tomcat8
Priority: Minor
Assignee: Brent Putman

Issue Links:
    Related: is related to JXT-120 Symmetric key generation for Triple D... (Closed)

Description

We are testing IDP 3.1 and discovered that when http://www.w3.org/2001/04/xmlenc#tripledes-cbc is listed first in the SP's metadata, the following error is generated. We are running Oracle JDK 8 r40 on Tomcat8. We can work around this by changing the order of possible encrypting key algorithms or removing tripledes-cbc, but we did find it odd and thought you might have seen this before.

Exception:

    2015-03-15 22:14:43,593 - ERROR [net.shibboleth.idp.saml.profile:-2] - Uncaught runtime exception
    java.security.InvalidParameterException: Wrong keysize: must be equal to 112 or 168
        at com.sun.crypto.provider.DESedeKeyGenerator.engineInit(DESedeKeyGenerator.java:94)

    ==> idp-warn.log <==
    2015-03-15 22:14:43,593 - ERROR [net.shibboleth.idp.saml.profile:-2] - Uncaught runtime exception
    java.security.InvalidParameterException: Wrong keysize: must be equal to 112 or 168
        at com.sun.crypto.provider.DESedeKeyGenerator.engineInit(DESedeKeyGenerator.java:94)

Error Message:

    Web Login Service - Uncaught Exception
    A software error was encountered that prevents normal operation:
    java.security.InvalidParameterException: Wrong keysize: must be equal to 112 or 168
    Please report this problem to your Help Desk or administrative staff. It has also been logged for an administrator to review.

Comments

Comment by Brent Putman [ 16/Mar/15 ]

Moving this to OpenSAML since that's where the bug actually is.
Comment by Brent Putman [ 16/Mar/15 ]

Pasting my response on the users list:

Yes, I'm familiar with the general issue. IIRC the Java JCA stuff is somewhat inconsistent in what they consider to be the key size for triple DES keys. Some security provider impls treat it as 192 and some treat it as 168 (or 112 if the DESede variant which reuses the first DES key as the third key also).

I think it has to do with: Original DES keys were defined as 64 bits. However 8 bits were defined as parity bits. This was back (in the 70's I think) when communications channels weren't so reliable, so they built some parity bits right into the key itself. Or something like that. So anyway, only 56 bits of actual key material. So depending on whether they treat a DES key as 56 vs 64 bits, some impls treat a triple DES key as either 168 or 192.

I'll look into it.

Comment by Brent Putman [ 16/Mar/15 ]

The above is confirmed. The AlgorithmDescriptor for this has a length of 192, which isn't wrong: that's the length of a 3DES key. The problem is that the KeyGenerator impl of SunJCE provider in both Java 7 and 8 only accepts 168 bits. BC on the other hand takes 168 or 192.

The fix is to just special case this to 168 bits, the common denominator, in the AlgorithmSupport method that generates symmetric keys. A length of 168 is required to be supported per the JCA docs:

http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#impl
http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#impl

Leaving the getKeyLength(uri) method as-is, because that's used in key resolution stuff, and there the key length really is 192 bits.

Generated at Wed Jun 07 20:27:11 EDT 2017 using JIRA 7.0.10#70120sha1:37e3d7a6fc4d580639533e7f7c232c925e554a6a.
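As an added illustration of the fix described in the last comment (this is not OpenSAML's own AlgorithmSupport code; the class and method names below are hypothetical), this Java snippet keeps the nominal 192-bit descriptor length for tripledes-cbc, reproduces SunJCE's KeyGenerator rejecting that size, and applies the 168-bit special case that both SunJCE and Bouncy Castle accept:

```java
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.security.InvalidParameterException;
import java.security.NoSuchAlgorithmException;

/** Hypothetical stand-in for the key-generation helper; not OpenSAML's AlgorithmSupport. */
public final class TripleDesKeyGenDemo {

    static final String TRIPLEDES_CBC = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
    static final String AES128_CBC = "http://www.w3.org/2001/04/xmlenc#aes128-cbc";

    /** Nominal key length in bits as carried by the algorithm descriptor (192 for 3DES, used in key resolution). */
    static int getKeyLength(String uri) {
        if (TRIPLEDES_CBC.equals(uri)) return 192;
        if (AES128_CBC.equals(uri)) return 128;
        throw new IllegalArgumentException("unsupported algorithm URI: " + uri);
    }

    /** JCA KeyGenerator algorithm name for the URI. */
    static String getJcaName(String uri) {
        return TRIPLEDES_CBC.equals(uri) ? "DESede" : "AES";
    }

    /** Generate a data-encryption key; DESede is special-cased to 168 bits, which the JCA spec requires every provider to accept. */
    static SecretKey generateSymmetricKey(String uri) throws NoSuchAlgorithmException {
        String jcaName = getJcaName(uri);
        int length = getKeyLength(uri);
        if ("DESede".equals(jcaName) && length == 192) {
            length = 168; // SunJCE rejects 192; SunJCE and BC both accept 168
        }
        KeyGenerator kg = KeyGenerator.getInstance(jcaName);
        kg.init(length);
        return kg.generateKey();
    }

    public static void main(String[] args) throws Exception {
        // Reproduce the report: SunJCE's DESedeKeyGenerator rejects the nominal 192-bit size.
        try {
            KeyGenerator kg = KeyGenerator.getInstance("DESede");
            kg.init(getKeyLength(TRIPLEDES_CBC));
            System.out.println("192-bit init accepted by provider " + kg.getProvider().getName());
        } catch (InvalidParameterException e) {
            System.out.println("192-bit init rejected: " + e.getMessage());
        }
        // The special-cased path succeeds; the encoded DESede key is still 24 bytes (192 bits including parity).
        SecretKey key = generateSymmetricKey(TRIPLEDES_CBC);
        System.out.println("DESede key generated, encoded length = " + key.getEncoded().length + " bytes");
    }
}
```

Which message the first block prints depends on the installed provider order; with the default SunJCE provider it is the same "Wrong keysize" exception quoted in the report.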