Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8205720

KeyFactory#getKeySpec and translateKey throws NullPointerException with Invalid key

XMLWordPrintable

    • b21
    • Verified

        • KeyFactory#getKeySpec(Key,Class)
         
        Specification states that
        InvalidKeySpecException if the requested key specification is
        inappropriate for the given key, or the given key cannot be processed
        (e.g., the given key has an unrecognized algorithm or format).

        My understanding is that if I provide an invalid key to this method, I expect InvalidKeyException
        but for “RSASSA-PSS” algorithm, the KeyFactory throws “NullPointerException”
         
        Code:
        class InvalidKey implements Key{
            @Override
            public String getAlgorithm() {
                return null;
            }
            @Override
            public String getFormat() {
                return null;
            }
            @Override
            public byte[] getEncoded() {
                return null;
            }
        }
        KeyFactory keyFactory = KeyFactory.getInstance(“RSASSA-PSS”);
                      keyFactory.getKeySpec(new InvalidKey(),X509EncodedKeySpec.class); //throws NPE instead of InvalidKeyException
        =========
        Output:
        Exception java.lang.NullPointerException
              at RSAKeyFactory.checkKeyAlgo (RSAKeyFactory.java:103)
              at RSAKeyFactory.engineTranslateKey (RSAKeyFactory.java:212)
              at RSAKeyFactory.engineGetKeySpec (RSAKeyFactory.java:399)
         
         
        • KeyFactory#translateKey(Key):
         
        Specification states that InvalidKeyException if the given key cannot be processed by this key factory.

        My understanding is that if I provide an invalid key to this method, I expect InvalidKeyException but for
        “RSASSA-PSS” algorithm, the KeyFactory throws “NullPointerException”
         
        Code:
          class InvalidKey implements Key{
            @Override
            public String getAlgorithm() {
                return null;
            }
            @Override
            public String getFormat() {
                return null;
            }
            @Override
            public byte[] getEncoded() {
                return null;
            }
        }
         
                             KeyFactory keyFactory = KeyFactory.getInstance(“RSASSA-PSS”);
                             keyFactory.translateKey(new InvalidKey()); // Throw NPE instead of InvalidKeyException.
         =======
        Output:
        Exception java.lang.NullPointerException
               at RSAKeyFactory.checkKeyAlgo (RSAKeyFactory.java:103)
               at RSAKeyFactory.engineTranslateKey (RSAKeyFactory.java:212)
               at KeyFactory.translateKey (KeyFactory.java:470)
        ===================================================
        I have checked with other algorithm, it throws "InvalidKeyException"

        For e.g.
        jshell> KeyFactory keyFactory = KeyFactory.getInstance("XDH");
        keyFactory ==> java.security.KeyFactory@77167fb7

        jshell> keyFactory.getKeySpec(new InvalidKey(),X509EncodedKeySpec.class)

        | Exception java.security.spec.InvalidKeySpecException: Unsupported key type
        | at XDHKeyFactory.engineGetKeySpec (XDHKeyFactory.java:226)
        | at KeyFactory.getKeySpec (KeyFactory.java:439)
        | at (#46:1)

        jshell> keyFactory.translateKey(new InvalidKey())
        | Exception java.security.InvalidKeyException: Unsupported key type or format
        | at XDHKeyFactory.engineTranslateKey (XDHKeyFactory.java:94)
        | at KeyFactory.translateKey (KeyFactory.java:470)
        | at (#47:1)

              valeriep Valerie Peng
              bnallakaluva Bharath Nallakaluva (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: