Add support for more named curves (#55179) (#55538)

We implicitly only supported the prime256v1 ( aka secp256r1 )
curve for the EC keys we read as PEM files to be used in any
SSL Context. We would not fail when trying to read a key
pair using a different curve but we would silently assume
that it was using `secp256r1` which would lead to strange
TLS handshake issues if the curve was actually another one.

This commit fixes that behavior in that it
supports parsing EC keys that use any of the named curves
defined in rfc5915 and rfc5480 making no assumptions about
whether the security provider in use supports them (JDK8 and
higher support all the curves defined in rfc5480).

Author: jkakavas

libs/ssl-config/src/main/java/org/elasticsearch/common/ssl/PemUtils.java

@@ -510,9 +510,12 @@ private static ECPrivateKeySpec parseEcDer(byte[] keyBytes) throws IOException,
         parser.readAsn1Object().getInteger(); // version
         String keyHex = parser.readAsn1Object().getString();
         BigInteger privateKeyInt = new BigInteger(keyHex, 16);
+        DerParser.Asn1Object choice = parser.readAsn1Object();
+        parser = choice.getParser();
+        String namedCurve = getEcCurveNameFromOid(parser.readAsn1Object().getOid());
         KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
-        AlgorithmParameterSpec prime256v1ParamSpec = new ECGenParameterSpec("secp256r1");
-        keyPairGenerator.initialize(prime256v1ParamSpec);
+        AlgorithmParameterSpec algorithmParameterSpec = new ECGenParameterSpec(namedCurve);
+        keyPairGenerator.initialize(algorithmParameterSpec);
         ECParameterSpec parameterSpec = ((ECKey) keyPairGenerator.generateKeyPair().getPrivate()).getParams();
         return new ECPrivateKeySpec(privateKeyInt, parameterSpec);
     }
@@ -610,4 +613,43 @@ private static MessageDigest messageDigest(String digestAlgorithm) {
             throw new SslConfigException("unexpected exception creating MessageDigest instance for [" + digestAlgorithm + "]", e);
         }
     }
+    
+    private static String getEcCurveNameFromOid(String oidString) throws GeneralSecurityException {
+        switch (oidString) {
+            // see https://tools.ietf.org/html/rfc5480#section-2.1.1.1
+            case "1.2.840.10045.3.1":
+                return "secp192r1";
+            case "1.3.132.0.1":
+                return "sect163k1";
+            case "1.3.132.0.15":
+                return "sect163r2";
+            case "1.3.132.0.33":
+                return "secp224r1";
+            case "1.3.132.0.26":
+                return "sect233k1";
+            case "1.3.132.0.27":
+                return "sect233r1";
+            case "1.2.840.10045.3.1.7":
+                return "secp256r1";
+            case "1.3.132.0.16":
+                return "sect283k1";
+            case "1.3.132.0.17":
+                return "sect283r1";
+            case "1.3.132.0.34":
+                return "secp384r1";
+            case "1.3.132.0.36":
+                return "sect409k1";
+            case "1.3.132.0.37":
+                return "sect409r1";
+            case "1.3.132.0.35":
+                return "secp521r1";
+            case "1.3.132.0.38":
+                return "sect571k1";
+            case "1.3.132.0.39":
+                return "sect571r1";
+        }
+        throw new GeneralSecurityException("Error parsing EC named curve identifier. Named curve with OID: " + oidString 
+            + " is not supported");
+    }
+
 }

libs/ssl-config/src/test/java/org/elasticsearch/common/ssl/PemUtilsTests.java

@@ -27,6 +27,8 @@
 import java.security.Key;
 import java.security.KeyStore;
 import java.security.PrivateKey;
+import java.security.interfaces.ECPrivateKey;
+import java.security.spec.ECParameterSpec;
 import java.util.function.Supplier;
 
 import static org.hamcrest.Matchers.equalTo;
@@ -53,7 +55,6 @@ public void testReadPKCS8RsaKeyWithBagAttrs() throws Exception {
         assertThat(key, notNullValue());
         assertThat(key, instanceOf(PrivateKey.class));
         PrivateKey privateKey = PemUtils.readPrivateKey(getDataPath("/certs/pem-utils/testnode_with_bagattrs.pem"), EMPTY_PASSWORD);
-        assertThat(privateKey, notNullValue());
         assertThat(privateKey, equalTo(key));
     }
 
@@ -66,6 +67,15 @@ public void testReadPKCS8DsaKey() throws Exception {
         assertThat(privateKey, equalTo(key));
     }
 
+    public void testReadEcKeyCurves() throws Exception {
+        String curve = randomFrom("secp256r1", "secp384r1", "secp521r1");
+        PrivateKey privateKey = PemUtils.readPrivateKey(getDataPath("/certs/pem-utils/private_" + curve + ".pem"), ""::toCharArray);
+        assertThat(privateKey, instanceOf(ECPrivateKey.class));
+        ECParameterSpec parameterSpec = ((ECPrivateKey) privateKey).getParams();
+        // This is brittle but we can't access sun.security.util.NamedCurve
+        assertThat(parameterSpec.toString(), containsString(curve));
+    }
+
     public void testReadPKCS8EcKey() throws Exception {
         Key key = getKeyFromKeystore("EC");
         assertThat(key, notNullValue());

libs/ssl-config/src/test/resources/certs/pem-utils/README.asciidoc

@@ -147,3 +147,29 @@ openssl x509 -req -in n2.c2.csr -extensions SAN -CA ca.crt -CAkey ca.key -CAcrea
        -extfile <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=otherName.1:2.5.4.3;UTF8:node2.cluster2"))\
        -out n2.c2.crt -days 10000
 ------
+
+== Generate EC keys using various curves for testing
+
+[source,shell]
+-------
+openssl ecparam -list_curves
+-------
+
+will list all the available curves in a given system.
+For the purposes of the tests here, the following curves were used to generate ec keys named accordingly:
+
+[source,shell]
+-------
+openssl ecparam -name secp256r1 -genkey -out private_secp256r1.pem
+openssl ecparam -name secp384r1 -genkey -out private_secp384r1.pem
+openssl ecparam -name secp521r1 -genkey -out private_secp521r1.pem
+-------
+
+and the respective certificates
+
+[source,shell]
+-------
+openssl req -x509 -extensions v3_req -key private_secp256r1.pem -out certificate_secp256r1.pem -days 1460 -config openssl_config.cnf
+openssl req -x509 -extensions v3_req -key private_secp384r1.pem -out certificate_secp384r1.pem -days 1460 -config openssl_config.cnf
+openssl req -x509 -extensions v3_req -key private_secp521r1.pem -out certificate_secp521r1.pem -days 1460 -config openssl_config.cnf
+-------

libs/ssl-config/src/test/resources/certs/pem-utils/certificate_secp256r1.pem

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICBzCCAaygAwIBAgIUAhfs6i7USsFCrKcjhaYmjOOekd8wCgYIKoZIzj0EAwIw
+IjEgMB4GA1UEAxMXRWxhc3RpY3NlYXJjaCBUZXN0IE5vZGUwHhcNMjAwNDE0MTg0
+OTA0WhcNMjQwNDEzMTg0OTA0WjAiMSAwHgYDVQQDExdFbGFzdGljc2VhcmNoIFRl
+c3QgTm9kZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABN7Ioe2JD2Ssbk0pF19W
+iwO/leZtIcCIZP9btPMGhq0r4e6va/qCYFRJoAMEKv49RQwL23MfBK1Djm63pl7z
+33Cjgb8wgbwwCQYDVR0TBAIwADAdBgNVHQ4EFgQUZGVhl0jaavD09XqqAZq+QB+q
+VzMwgY8GA1UdEQSBhzCBhIIJbG9jYWxob3N0ghVsb2NhbGhvc3QubG9jYWxkb21h
+aW6CCmxvY2FsaG9zdDSCF2xvY2FsaG9zdDQubG9jYWxkb21haW40ggpsb2NhbGhv
+c3Q2ghdsb2NhbGhvc3Q2LmxvY2FsZG9tYWluNocEfwAAAYcQAAAAAAAAAAAAAAAA
+AAAAATAKBggqhkjOPQQDAgNJADBGAiEA5rkkz7V8zFb9ME4b3SiBqFQaXGnLNzz5
+UXmL31oevUUCIQCsL/qw/HKhBtojG9LnK5TezFCYauafDPsVqsxvj7F9UA==
+-----END CERTIFICATE-----

libs/ssl-config/src/test/resources/certs/pem-utils/certificate_secp384r1.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICQzCCAcmgAwIBAgIUFBuqf8Y7xcDb5MvDH3/WKCaqZOwwCgYIKoZIzj0EAwIw
+IjEgMB4GA1UEAxMXRWxhc3RpY3NlYXJjaCBUZXN0IE5vZGUwHhcNMjAwNDE0MTg1
+MjE4WhcNMjQwNDEzMTg1MjE4WjAiMSAwHgYDVQQDExdFbGFzdGljc2VhcmNoIFRl
+c3QgTm9kZTB2MBAGByqGSM49AgEGBSuBBAAiA2IABKLpoDYudvcmGfr1+aImIap7
+C1cC9SUBcI8EOWlogODMUM1DWcaWrQbbQzhUNpQFvX6A/I2SiME5WM2IC+lJX/W8
+fafcLzYF+Ts2Eftmdi9usBsQz+JEGTPcgRNyM/N3FaOBvzCBvDAJBgNVHRMEAjAA
+MB0GA1UdDgQWBBTuCqvozIlpHH5kLc3BfsT1bRqpHDCBjwYDVR0RBIGHMIGEggls
+b2NhbGhvc3SCFWxvY2FsaG9zdC5sb2NhbGRvbWFpboIKbG9jYWxob3N0NIIXbG9j
+YWxob3N0NC5sb2NhbGRvbWFpbjSCCmxvY2FsaG9zdDaCF2xvY2FsaG9zdDYubG9j
+YWxkb21haW42hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMAoGCCqGSM49BAMCA2gA
+MGUCMQDtmO2fQY1vVD58fFHsAt0LoStzrhB22SkcfKtTVNlrHkTX8SXjToqKKbxX
+AMgUCNoCMFSn7lc3V7xycDx+P1icdb+jLVoFl7G1Ki17B1z6W8JlZRJBsyEiu6qC
+UxZU5NBdww==
+-----END CERTIFICATE-----

libs/ssl-config/src/test/resources/certs/pem-utils/certificate_secp521r1.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICjjCCAe+gAwIBAgIUR5YlaSjZ7BE/bCe5f2966kG8+cowCgYIKoZIzj0EAwIw
+IjEgMB4GA1UEAxMXRWxhc3RpY3NlYXJjaCBUZXN0IE5vZGUwHhcNMjAwNDE0MTg1
+MjM4WhcNMjQwNDEzMTg1MjM4WjAiMSAwHgYDVQQDExdFbGFzdGljc2VhcmNoIFRl
+c3QgTm9kZTCBmzAQBgcqhkjOPQIBBgUrgQQAIwOBhgAEAC/v/jT1EwJzFyVjSYw8
+H/Ix6Ty9KjTJ+duN1qc9ByGg2YoJw5Z179mAPoDp7LalGCawplhs38J45rqh7pbN
+MI+1AaAilKSJiuIzByPlkKjxWOX1sYaxmBY4Kc0UOKpqFfY70fBzhIi8M+9t3eaB
+TWoLbIghGkDHG6icTCUawesuTI7/o4G/MIG8MAkGA1UdEwQCMAAwHQYDVR0OBBYE
+FNIirnFLQRx8t9uMd3D5Cux+/uSzMIGPBgNVHREEgYcwgYSCCWxvY2FsaG9zdIIV
+bG9jYWxob3N0LmxvY2FsZG9tYWluggpsb2NhbGhvc3Q0ghdsb2NhbGhvc3Q0Lmxv
+Y2FsZG9tYWluNIIKbG9jYWxob3N0NoIXbG9jYWxob3N0Ni5sb2NhbGRvbWFpbjaH
+BH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEwCgYIKoZIzj0EAwIDgYwAMIGIAkIAo+T4
+wkgf9OwzupXYQc8ftQydvucF29sK1OdJDnJHN/oBFtYdo4ZOMar8PzJZ3KtiOETo
+IInuL8YE6kO9aTaQOUwCQgDfs3/nnEITC9OzpYpHWDp54phcrKgbHUDEUPn8CPU1
+aH8dJ/TVeSiYkt7dAeqklOP790HfHjS+rTAyMFn7uq4pkw==
+-----END CERTIFICATE-----

libs/ssl-config/src/test/resources/certs/pem-utils/private_secp256r1.pem

@@ -0,0 +1,8 @@
+-----BEGIN EC PARAMETERS-----
+BggqhkjOPQMBBw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIMdU2MBFYjUeThgqXbSrVByV+rMmsKKe6qzwBjgBwgHXoAoGCCqGSM49
+AwEHoUQDQgAE3sih7YkPZKxuTSkXX1aLA7+V5m0hwIhk/1u08waGrSvh7q9r+oJg
+VEmgAwQq/j1FDAvbcx8ErUOObremXvPfcA==
+-----END EC PRIVATE KEY-----

libs/ssl-config/src/test/resources/certs/pem-utils/private_secp384r1.pem

@@ -0,0 +1,9 @@
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIg==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDA6lA/V9jd1eZJrD+fkOJMNWDU0xT5aRyUJxrNdIwMWFu1wvswHLvF8
+kZELRUMx3QmgBwYFK4EEACKhZANiAASi6aA2Lnb3Jhn69fmiJiGqewtXAvUlAXCP
+BDlpaIDgzFDNQ1nGlq0G20M4VDaUBb1+gPyNkojBOVjNiAvpSV/1vH2n3C82Bfk7
+NhH7ZnYvbrAbEM/iRBkz3IETcjPzdxU=
+-----END EC PRIVATE KEY-----

libs/ssl-config/src/test/resources/certs/pem-utils/private_secp521r1.pem

@@ -0,0 +1,10 @@
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIHcAgEBBEIANfC2QUp9OWMWk+1+7i1S3hhg1sXiE2Ysv2lTSV3Jct547FJRoNnl
+kJEdojfPbWNlP/uxtoWdIY0T/c+K8ErSkPGgBwYFK4EEACOhgYkDgYYABAAv7/40
+9RMCcxclY0mMPB/yMek8vSo0yfnbjdanPQchoNmKCcOWde/ZgD6A6ey2pRgmsKZY
+bN/CeOa6oe6WzTCPtQGgIpSkiYriMwcj5ZCo8Vjl9bGGsZgWOCnNFDiqahX2O9Hw
+c4SIvDPvbd3mgU1qC2yIIRpAxxuonEwlGsHrLkyO/w==
+-----END EC PRIVATE KEY-----

x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/ssl/PemUtils.java

@@ -481,9 +481,12 @@ private static ECPrivateKeySpec parseEcDer(byte[] keyBytes) throws IOException,
         parser.readAsn1Object().getInteger(); // version
         String keyHex = parser.readAsn1Object().getString();
         BigInteger privateKeyInt = new BigInteger(keyHex, 16);
+        DerParser.Asn1Object choice = parser.readAsn1Object();
+        parser = choice.getParser();
+        String namedCurve = getEcCurveNameFromOid(parser.readAsn1Object().getOid());
         KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
-        AlgorithmParameterSpec prime256v1ParamSpec = new ECGenParameterSpec("secp256r1");
-        keyPairGenerator.initialize(prime256v1ParamSpec);
+        AlgorithmParameterSpec algorithmParameterSpec = new ECGenParameterSpec(namedCurve);
+        keyPairGenerator.initialize(algorithmParameterSpec);
         ECParameterSpec parameterSpec = ((ECKey) keyPairGenerator.generateKeyPair().getPrivate()).getParams();
         return new ECPrivateKeySpec(privateKeyInt, parameterSpec);
     }
@@ -555,7 +558,45 @@ private static String getKeyAlgorithmIdentifier(byte[] keyBytes) throws IOExcept
             case "1.2.840.10045.2.1":
                 return "EC";
         }
-        throw new GeneralSecurityException("Error parsing key algorithm identifier. Algorithm with OID: "+oidString+ " is not " +
+        throw new GeneralSecurityException("Error parsing key algorithm identifier. Algorithm with OID: " + oidString + " is not " +
+            "supported");
+    }
+
+    private static String getEcCurveNameFromOid(String oidString) throws GeneralSecurityException {
+        switch (oidString) {
+            // see https://tools.ietf.org/html/rfc5480#section-2.1.1.1
+            case "1.2.840.10045.3.1":
+                return "secp192r1";
+            case "1.3.132.0.1":
+                return "sect163k1";
+            case "1.3.132.0.15":
+                return "sect163r2";
+            case "1.3.132.0.33":
+                return "secp224r1";
+            case "1.3.132.0.26":
+                return "sect233k1";
+            case "1.3.132.0.27":
+                return "sect233r1";
+            case "1.2.840.10045.3.1.7":
+                return "secp256r1";
+            case "1.3.132.0.16":
+                return "sect283k1";
+            case "1.3.132.0.17":
+                return "sect283r1";
+            case "1.3.132.0.34":
+                return "secp384r1";
+            case "1.3.132.0.36":
+                return "sect409k1";
+            case "1.3.132.0.37":
+                return "sect409r1";
+            case "1.3.132.0.35":
+                return "secp521r1";
+            case "1.3.132.0.38":
+                return "sect571k1";
+            case "1.3.132.0.39":
+                return "sect571r1";
+        }
+        throw new GeneralSecurityException("Error parsing EC named curve identifier. Named curve with OID: " + oidString + " is not " +
             "supported");
     }
 }