Name: iiR10263 Date: 12/22/2003



Current implementation of the javax.crypto.Cipher does not correctly
reinitialize Cipher object if the first initialization fails.

Please find code example below

import java.io.*;
import java.util.*;
import java.security.cert.*;
import javax.crypto.Cipher;

class e15 {
    public static void main(String argv[]) {
        String algorithm = "RSA";

        try {

                
            String certStr = "-----BEGIN CERTIFICATE-----\n" +
"MIICYDCCAckCBDm+nq8wDQYJKoZIhvcNAQEEBQAwdzELMAkGA1UEBhMCVVMxCzAJ\n" +
"BgNVBAgTAkNBMRIwEAYDVQQHEwlTdW5ueXZhbGUxHzAdBgNVBAoTFlN1biBNaWNy\n" +
"b3N5c3RlbXMsIEluYy4xETAPBgNVBAsTCEphdmFzb2Z0MRMwEQYDVQQDEwpSb2dl\n" +
"ciBQaGFtMB4XDTAwMDkxMjIxMjI1NVoXDTIwMDkwNzIxMjI1NVowdzELMAkGA1UE\n" +
"BhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlTdW5ueXZhbGUxHzAdBgNVBAoT\n" +
"FlN1biBNaWNyb3N5c3RlbXMsIEluYy4xETAPBgNVBAsTCEphdmFzb2Z0MRMwEQYD\n" +
"VQQDEwpSb2dlciBQaGFtMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuUdLg\n" +
"t0BUE/MZ/wkcjDDK5VRAhuOphPizHV90S1goG7u0Ayf6w9V9WdJXswmbyf0SbRRj\n" +
"2IaH3ClRM/S+RuOZPzJyYY2GnIxUaIlOkWdBIcZv1l/ceXyal+C2oAF/ypRbstfE\n" +
"Lq5Y/AyQNEesi42Php+wTLT7GOBj1AMMBNLdYwIDAQABMA0GCSqGSIb3DQEBBAUA\n" +
"A4GBAEL9yV2GdVEeK7VdN3LKFxZ1egsZqtpzoUb37zqOXii27kdmIFGPPBal2/Ij\n" +
"us/Dphu+BMwxFerEUV7r/KfjDPk0Wofwdj7Ls2fcK4LzRvEI+OswvBaAAqJ3D+ja\n" +
"VcYBnS35IJDv0ocMUsPhr4kKUn0MQik3eixmh/Vz2Cu1bq1f\n" +
"-----END CERTIFICATE-----";
                
            byte[] bb = certStr.getBytes();
            
            if (bb != null) {
                ByteArrayInputStream bas = new ByteArrayInputStream(bb);
                BufferedInputStream bis = new BufferedInputStream(bas);
                CertificateFactory cf =
                    CertificateFactory.getInstance("X.509");
                
                if (bis.available() > 0) {
                    Cipher c;
                    X509Certificate cert =
                        (X509Certificate)cf.generateCertificate(bis);
                        
                    //System.out.println(cert.toString());
                   
                    c = Cipher.getInstance(algorithm);
                    
                    System.out.println("Obtained Cipher for algorithm " +
                        c.getAlgorithm());
                    
                    
                    try {
                        c.init(Cipher.ENCRYPT_MODE, (Certificate)null);
                        /* c.init(100, (Certificate)null); */
                    } catch (Exception e) {
                    }
                    
                    c.init(Cipher.ENCRYPT_MODE, cert);
                }
            }
        } catch (Exception e) {
            e.printStackTrace(System.out);
        }
    }
}

The output is

Obtained Cipher for algorithm RSA
java.security.InvalidKeyException: No installed provider supports this key: sun.security.rsa.RSAPublicKeyImpl
        at javax.crypto.Cipher.a(DashoA6275)
        at javax.crypto.Cipher.init(DashoA6275)
        at javax.crypto.Cipher.init(DashoA6275)
        at e15.main(e15.java:55)

Note that if we first initialize Cipher using invalid opmode all works
correctly.



java full version "1.5.0-beta-b32"

======================================================================