"RC2/CBC/NoPadding cannot use a null parameter" error message pops up when trying to import a PKCS12 file

RESOLVED FIXED in 4.2.6

Status

P2
normal
RESOLVED FIXED
15 years ago
11 years ago

People

(Reporter: Alexei.G.Goumilevski, Assigned: glenbeasley)

Tracking

unspecified
4.2.6

Details

Attachments

(1 attachment)

(Reporter)

Description

15 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007 Firebird/0.7
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007 Firebird/0.7


I am trying to import a pkcs#12 file into a sample NSS certificate and key
database directory and I am getting an error message:
"RC2/CBC/NoPadding cannot use a null parameter"
I am running jss sample code located at:
jss-3.4.1-src/mozilla/security/jss/samples/pkcs12.java
NSS 3.9, NSPR 4.4.1 and JSS 3.4.1 versions of the software are used.
This error message is not seen when using the earlier version of JSS 3.2.


Reproducible: Always
Steps to Reproduce:
1. Set classpath to point to jss34.jar and system path to point to NSS 3.9, NSPR
4.4.1 and JSS 3.4.1 dll libraries
2.Run jss sample code located at pkcs12 located in
jss-3.4.1-src/mozilla/security/jss/samples directory
3. Try to import a PKCS12 file into sample NSS certificate and key database.

Actual Results:  
Decoded PFX
Version: 3
AuthSafes has 2 SafeContents
Enter password:
**********
Enter new password:
*******
AuthSafes verifies correctly.


SafeContents #0 has 1 bags

Bag 0 has type {1 2 840 113549 1 12 10 1 2}
Friendly Name: test
LocalKeyID:
content is EncryptedPrivateKeyInfo, algoid:{1 2 840 113549 1 12 1 3}
Enter password for Internal Key Storage Token
********
java.security.InvalidAlgorithmParameterException: RC2/CBC/NoPadding
cannot use a null parameter
        at org.mozilla.jss.pkcs11.PK11Cipher.checkParams(PK11Cipher.java:250)
        at org.mozilla.jss.pkcs11.PK11Cipher.initDecrypt(PK11Cipher.java:136)
        at
org.mozilla.jss.pkcs7.EncryptedContentInfo.decrypt(EncryptedContentInfo.java:290)
        at
org.mozilla.jss.pkcs12.AuthenticatedSafes.getSafeContentsAt(AuthenticatedSafes.java:179)
        at pkcs12.main(pkcs12.java:130)

Expected Results:  
Import of a PKCS12 file into certificate and key database.

Comment 1

13 years ago
I Found It so when I try to import thawte personal certificate

Comment 2

13 years ago
Sorry, this bug "fell through the cracks".

I looked into this a little bit today and believe that
I found the JSS changes that caused this regression.
In the following, the diffs are generated between
JSS_3_2_RTM and JSS_3_4_1_RTM, the good and bad versions
reported by the bug submittor.

1. A new method isValidParameterObject was added to
the org.mozilla.jss.crypto.Algorithm class:

+    /**
+     * Returns <tt>true</tt> if the given Object can be used as a parameter
+     * for this algorithm.
+     * <p>If <tt>null</tt> is passed in, this method will return <tt>true</tt>
+     *      if this algorithm takes no parameters, and <tt>false</tt>
+     *      if this algorithm does take parameters.
+     */
+    public boolean isValidParameterObject(Object o) {
+        if( o == null ) {
+            return (parameterClasses.length == 0);
+        }

2. The checkParams method of the org.mozilla.jss.pkcs11.PK11Cipher
class was modified to call the new Algorithm.isValidParameterObject
method:

     private void checkParams(AlgorithmParameterSpec params)
         throws InvalidAlgorithmParameterException
     {
-        Class paramClass = algorithm.getParameterClass();
-        if(params==null) {
-            if(paramClass != null) {
-                // this algorithm takes a parameter, but none was given
-                throw new InvalidAlgorithmParameterException(algorithm+
-                    " requires an algorithm parameter");
-            }
-        } else {
-            if( paramClass == null ) {
-                //this algorithm doesn't take a param, but one was given
-                throw new InvalidAlgorithmParameterException(algorithm+
-                    " does not take a parameter");
-            } else if( ! ( paramClass.isInstance(params) ) ) {
-                throw new InvalidAlgorithmParameterException(algorithm+
-                    " expects a parameter of type "+paramClass);
+        if( ! algorithm.isValidParameterObject(params) ) {
+            String name = "null";
+            if( params != null ) {
+                name = params.getClass().getName();
             }
+            throw new InvalidAlgorithmParameterException(algorithm +
+                " cannot use a " + name + " parameter");
         }
     }
+        if( parameterClasses.length == 0 ){
+            return false;
+        }
+        Class c = o.getClass();
+        for( int i = 0; i < parameterClasses.length; ++i) {
+            if( c.equals( parameterClasses[i] ) ) {
+                return true;
+            }
+        }
+        return false;
     }

3. So far, so good.  Now, in org/mozilla/jss/crypto/EncryptionAlgorithm.java,
the constructor for the RC2/CBC/NoPassing algorithm changed from:

     public static final EncryptionAlgorithm
-    RC2_CBC = new EncryptionAlgorithm(SEC_OID_RC2_CBC, "RC2/CBC/NoPadding",
-        IVParameterSpec.class, 8, false,
-        OBJECT_IDENTIFIER.RSA_CIPHER.subBranch(2) );

to:

     public static final EncryptionAlgorithm
+    RC2_CBC = new EncryptionAlgorithm(SEC_OID_RC2_CBC, Alg.RC2, Mode.CBC,
+        Padding.NONE, RC2ParameterSpec.class, 8,
+        null, 0); // no oid, see comment below

Note the fifth argument changed from IVParameterSpec.class to
RC2ParameterSpec.class.  This was made in rev. 1.8 of that file.
The CVS commit comment is:

Fix blackflag 619793: support RC2/CBC/PKCS5Padding.  (Blackflag
was a Netscape internal Bugzilla database.)

4. Finally, in the decrypt method of the
org.mozilla.jss.pkcs7.EncryptedContentInfo class (which
did not change), we have:

       // compute algorithm parameters
       EncryptionAlgorithm encAlg = ((PBEAlgorithm)kgAlg).getEncryptionAlg();
       AlgorithmParameterSpec algParams;
       if( encAlg.getParameterClass().equals( IVParameterSpec.class ) ) {
           algParams = new IVParameterSpec( kg.generatePBE_IV() );
       } else {
           algParams = null;
       }

       // perform the decryption
       Cipher cipher = token.getCipherContext( encAlg );
       cipher.initDecrypt(key, algParams);

I believe what happened is as follows.  Because of Change 3, the
class of the parameter of the RC2/CBC/NoPadding algorithm is no
longer IVParameterSpec.class, so we now pass null as algParams to
cipher.initDecrypt, which calls the checkParams method, which
in turn calls isValidParameterObject on null.  Since the
RC2/CBC/NoPadding algorithm has a parameter class, null is
not a valid parameter.

I think the fix would be to enhance the code in
org.mozilla.jss.pkcs7.EncryptedContentInfo.decrypt to
be able to construct a RC2ParameterSpec object.  The
RC2ParameterSpec constructor takes an "int effectiveKeyBits"
argument:
http://java.sun.com/j2se/1.4.2/docs/api/javax/crypto/spec/RC2ParameterSpec.html#RC2ParameterSpec(int,%20byte[])

I don't know how to get the effectiveKeyBits for RC2...
perhaps key.getStrength(), where key is a SymmetricKey?
This calls NSS's PK11_GetKeyStrength function.


Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
(Assignee)

Updated

13 years ago
Assignee: wtchang → glen.beasley
Status: ASSIGNED → NEW

Comment 3

13 years ago
Is there a workaround for this bug?
(Assignee)

Comment 4

13 years ago
the only work around is to use the NSS pk12util tool instead of JSS. 

http://www.mozilla.org/projects/security/pki/nss/tools/pk12util.html

We will put this but higher on our list, or you also can provide 
a fix to the open souce. 
Reassigning to Neil, who is working on bug 363721, which appears to be 
a duplicate of this bug.
Priority: -- → P3
QA Contact: documentation
Really reassigning to Neil this time. :)
Assignee: glen.beasley → neil.williams
Duplicate of this bug: 363721

Comment 8

12 years ago
Changing priority and component since the problem is actually in org.mozilla.jss.pkcs12.PFX.class which is shipped in the JSS library.
Assignee: neil.williams → glen.beasley
Component: Sample Code → Library
OS: Windows 2000 → All
Priority: P3 → P2
QA Contact: documentation
Hardware: PC → All
QA Contact: libraries
QA Contact: libraries → jss-qa
(Assignee)

Comment 9

11 years ago
Created attachment 289434 [details] [diff] [review]
handle RC2 parameter spec

Per Comment #2 RC2ParameterSpec constructor takes an "int effectiveKeyBits"
argument. I called the key.getStrength(), where key is a SymmetricKey. Similar
code is in engineInit method of JSSCipherSpi.java. 

after this bug completes review I will complete bug 205070 there is a few more places where RC2ParameterSpec is not handled. 

I also think I will modify the program and move it to the tests directory and add it to all.pl in a separate patch. 

java -cp ./jss4.jar org.mozilla.jss.tests.pkcs12 . ./passwords rsa.pfx rsab.pfx
main: jss library loaded
***FilePasswordCallback returns m1oZilla
Decoded PFX
Version: 3
AuthSafes has 2 SafeContents
AuthSafes verifies correctly.


SafeContents #0 has 1 bags

Bag 0 has type {1 2 840 113549 1 12 10 1 2}
Friendly Name: CA_RSA
LocalKeyID:
content is EncryptedPrivateKeyInfo, algoid:{1 2 840 113549 1 12 1 3}


SafeContents #1 has 1 bags

Bag 0 has type {1 2 840 113549 1 12 10 1 3}
Friendly Name: CA_RSA
LocalKeyID:
content is CertBag
CertificateInfo:
Version: v3
Serial Number: 100
Sig OID: {1 2 840 113549 1 1 11}
Issuer: C=US, O=Mozilla, OU=JSS Testing100, CN=CACert
Not Before: Wed Nov 14 17:12:34 PST 2007
Not After: Fri Nov 14 17:12:34 PST 2008
Subject: C=US, O=Mozilla, OU=JSS Testing100, CN=CACert
Attachment #289434 - Flags: review?(wtc)
(Assignee)

Updated

11 years ago
Status: NEW → ASSIGNED
Target Milestone: --- → 4.2.6

Comment 10

11 years ago
Comment on attachment 289434 [details] [diff] [review]
handle RC2 parameter spec

r=wtc.

>+        } else if ( 
>+                encAlg.getParameterClass().equals( RC2ParameterSpec.class ) ) {

Please format this else-if the same way you format the first else-if
in the patch.

Nit: the original author of the file didn't use a space after "if".
The patch probably should follow his style.  Sigh.
Attachment #289434 - Flags: review?(wtc) → review+
(Assignee)

Comment 11

11 years ago
/cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs7/EncryptedContentInfo.java,v  <--  EncryptedContentInfo.java
new revision: 1.5; previous revision: 1.4
done
(Assignee)

Updated

11 years ago
Status: ASSIGNED → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.