Unencrypted private keys in JKS files cannot be decrypted with the JKS passphrase
juissi-t opened this issue ยท 10 comments
Our application creates JKS files using PyJKS version 17.1.0 using the following method:
def jks_key(alias: str, chain: list, key_der: bytes, passphrase: str) -> bytes:
""" generate a java keystore with an alias for the given key """
pke = jks.PrivateKeyEntry.new(alias, chain, key_der, 'rsa_raw')
keystore = jks.KeyStore.new('jks', [pke])
return keystore.saves(passphrase)
Up until recently the JKS files have worked well, and our Java application could read and decrypt the private key using the provided passphrase.
Since the pyasn1 module was updated to version 0.3.2 and pyasn1-modules to version 0.0.11, the JKS files created by the application no longer work. The passphrase can decrypt the JKS itself, but cannot decrypt the private key within it anymore.
http://pyjks.readthedocs.io/en/latest/jks.html#jks.jks.KeyStore.saves states: "If any of the private keys are unencrypted, they will be encrypted with the same password as the keystore." This statement does not seem to hold true anymore.
Issue appears to be introduced between 0.3.1 and 0.3.2 of pyasn1.
At first glance, this looks like it may be a regression introduced in 0.3.2. Version 0.3.1 is the first release in the 0.3.x branch and was released only about a month ago, and has received two regression fixes so far -- the last only 3 days ago with the release of 0.3.3, and it looks like a third one is underway on the main branch.
Naturally, I'll check if I can find anything we're doing wrong on our side. But my initial advice would be: step away from the bleeding edge, revert to 0.3.1 (which seems to be working fine) and give pyasn1 some time to work things out in 0.3.x.
Thanks for the info! We ended up pinning pyasn1 and pyasn1-modules versions for our tool to known-working versions.
The relevant JDK error:
keytool -importkeystore -srckeystore bootstrap.jks -destkeystore bootstrap.p12 -deststoretype PKCS12 -srcalias bootstrap -deststorepass <PASS> -destkeypass <PASS> -srcstorepass <PASS> -srckeypass <PASS>
keytool error: java.security.UnrecoverableKeyException: excess private key
Hey all, can anyone share code to reproduce this? Or let me know if the newest version of pyasn1 still has this issue? There have been several releases lately, and I want to know if this is still an issue. If so, we can/should propagate it up the pyasn1 itself perhaps.
The code we use to generate the keystores is in the first comment. The keytool command to reproduce the error are in @mindw's comment just above you.
This broke by: etingof/pyasn1@6fa0e31
The problem is that the optional attributes field in the PrivateKeyInfo is now being included without anything in it. Before:
0:d=0 hl=4 l=1213 cons: SEQUENCE
4:d=1 hl=2 l= 1 prim: INTEGER :00
7:d=1 hl=2 l= 13 cons: SEQUENCE
9:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
20:d=2 hl=2 l= 0 prim: NULL
22:d=1 hl=4 l=1191 prim: OCTET STRING [HEX DUMP]:308204A3...
After:
0:d=0 hl=4 l=1215 cons: SEQUENCE
4:d=1 hl=2 l= 1 prim: INTEGER :00
7:d=1 hl=2 l= 13 cons: SEQUENCE
9:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
20:d=2 hl=2 l= 0 prim: NULL
22:d=1 hl=4 l=1191 prim: OCTET STRING [HEX DUMP]:308204A...
1217:d=1 hl=2 l= 0 cons: cont [ 0 ]
We can fix this in our code, but it seems strange to me that we have to. I will create a bug in pyasn1 and ask if this is how it's supposed to be. If it is, then I will create a fix.
ref issue etingof/pyasn1#115 .
@mindw +1'd. Anyone here need me to cut a release with pyasn1<0.3.2 to fix a pip install or something similar?
@here : looking at etingof/pyasn1#115, I suppose the issue should be fixed soon : right ?
Otherwise... I'm indeed interested in a release with pyasn1<0.3.2 to fix ;)
Thx for feedback !
Yes, this should be fixed soon @jcdevil. Sorry that it has taken forever!