VOOZH about

URL: https://www.ibm.com/support/pages/apar/PH52970

⇱ PH52970: CHACHA20-POLY1305 CIPHER DECRYPTION CHUNK UPDATE FIX

PH52970: CHACHA20-POLY1305 CIPHER DECRYPTION CHUNK UPDATE FIX

APAR status

  • Closed as program error.

Error description

  • Error Message: If a buffer is used to apply several updates,
then calling the doFinal method in decryption mode, there could
be a provider exception for specific input cipher sizes which
depends on the buffer size. Possible error messages are as
follows:
java.io.IOException: Unable to decrypt message
javax.net.ssl.SSLException: Fail to unwrap network record
java.security.ProviderException: Failure in engineDoFinal
.
Stack Trace: java.security.ProviderException: Failure in
engineDoFinal
-
java.base/com.ibm.crypto.plus.provider.OpenJCEPlus.providerExcep
tion(OpenJCEPlus.java:2005)
-
java.base/com.ibm.crypto.plus.provider.ChaCha20Poly1305Cipher.en
gineDoFinal(ChaCha20Poly1305Cipher.java:109)
-
java.base/javax.crypto.CipherSpi.bufferCrypt(CipherSpi.java:826)
-
java.base/javax.crypto.CipherSpi.engineDoFinal(CipherSpi.java:73
0)
- java.base/javax.crypto.Cipher.doFinal(Cipher.java:2497)
.

Local fix

  • The workaround depends on the usage context. In the case of
using client and server over TLSv1.3, Other cipher suites than
ChaCha20-Poly1305 can be enabled and used. If using chunk update
in the decryption mode, then decryption can be done using
different buffer sizes for failing inputs.

Problem summary

  • ChaCha20-Poly1305 Cipher Decryption Chunk Update: If a buffer is
used to apply several updates, then calling the doFinal method
in decryption mode, there could be a provider exception for
specific input cipher sizes which depends on the buffer size.
Possible error messages are as follows:
java.io.IOException: Unable to decrypt message
javax.net.ssl.SSLException: Fail to unwrap network record
java.security.ProviderException: Failure in engineDoFinal

Problem conclusion

  • The security provider code was changed to handle edge cases
related to the ChaCha20-Poly1305 cipher in decryption mode with
a chunk update. The fix handles different buffer sizes with
different input sizes.
.
This APAR will be fixed in the following Releases:
.
IBM Semeru Runtimes
 11 11.0.19.0
IBM SDK, Java Technology Edition
 8 SR8 FP5 (8.0.8.5)
.
Contact your IBM Product's Service Team for these Service
Refreshes and Fix Packs.
For those running stand-alone, information about the available
maintenance can be found at:
 https://www.ibm.com/support/pages/java-sdk

Temporary fix



Comments


    



APAR Information




    

  • APAR number
    PH52970
    • 

  • Reported component name
    JAVA Z/OS 64
    • 

  • Reported component ID
    620700104
    • 

  • Reported release
    B00
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2023-03-02
    • 

  • Closed date
    2023-04-29
    • 

  • Last modified date
    2023-04-29
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    JAVA Z/OS 64
    • 

  • Fixed component ID
    620700104
    • 



Applicable component levels







 
 
 
 

 [{"Business Unit":{"code":"BU029","label":"Software"},"Product":{"code":"SG19M","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"B00"}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 30 April 2023