Skip to content

Consistent errors for KeyStoreWrapper decryption with any security provider #57132

New issue
New issue
Open
Open
Consistent errors for KeyStoreWrapper decryption with any security provider#57132
Labels
:Core/Infra/SettingsSettings infrastructure and APIs:Security/SecuritySecurity issues without another label>enhancementTeam:Core/InfraMeta label for core/infra teamTeam:SecurityMeta label for security teamhelp wantedadoptme
@jkakavas

Description

@jkakavas
jkakavas
opened on May 26, 2020

As identified in #57050 (comment) , when using the BouncyCastle FIPS security provider, the decryption with a wrong password fails in non predictable ways. Sometimes the CipherInputStream doesn't throw an AEADBadTagException as expected but readFully fails to read the stream fully and thus we fail because of these unconsumed stream contents:

elasticsearch/server/src/main/java/org/elasticsearch/common/settings/KeyStoreWrapper.java

Line 379 in c117c0c

throw new SecurityException("Keystore has been corrupted or tampered with");

We should look at a) why this happens and b) figure out if there is a way to consistently catch Exceptions caused by invalid passwords for any security provider so that we can throw a relevant and useful error message for the users.

Metadata

Metadata

Assignees

No one assigned

    Labels

    :Core/Infra/SettingsSettings infrastructure and APIs:Security/SecuritySecurity issues without another label>enhancementTeam:Core/InfraMeta label for core/infra teamTeam:SecurityMeta label for security teamhelp wantedadoptme

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions