-
Bug
-
Resolution: Fixed
-
P3
-
8u261, 11
-
b15
-
b26
-
Verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8310117 | 11.0.21 | Goetz Lindenmaier | P3 | Resolved | Fixed | b01 |
JDK-8299198 | 8u371 | Prajwal Kumaraswamy | P3 | Resolved | Fixed | b01 |
ADDITIONAL SYSTEM INFORMATION :
works in java 10-. Broken in java 11.0+. checkKeyAlgo was added to RSAKeyFactory.java in java 11
A DESCRIPTION OF THE PROBLEM :
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: Expected a RSA key, but got 1.3.14.3.2.15
at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:239)
at java.base/java.security.KeyFactory.generatePublic(KeyFactory.java:352)
at com.mycompany.rsatest.Test.main(Test.java:23)
Caused by: java.security.InvalidKeyException: Expected a RSA key, but got 1.3.14.3.2.15
at java.base/sun.security.rsa.RSAKeyFactory.checkKeyAlgo(RSAKeyFactory.java:104)
at java.base/sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:332)
at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:235)
REGRESSION : Last worked in version 10
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
1.3.14.3.2.15 should be a valid RSA key?
---------- BEGIN SOURCE ----------
package com.mycompany.rsatest;
import java.security.KeyFactory;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
//import sun.security.rsa.RSAPublicKeyImpl;
public class Test {
static byte[] certData = {48, 88, 48, 9, 6, 5, 43, 14, 3, 2, 15, 5, 0, 3, 75, 0, 48, 72, 2, 65, 0, -41, 21, 124, 101, -24, -14, 37, 87, -40, -88, 87, 18, 44, -2, -123, -67, -33, -85, -93, 6, 76, 33, -77, 69, -30, -89, -51, -40, -90, 117, 30, 81, -102, -72, 97, -59, 16, -97, -72, -116, -50, 69, -47, 97, -71, -127, 123, -64, -20, -51, -61, 15, -38, 105, -26, 44, -59, 119, 119, 95, 44, 29, 102, -67, 2, 3, 1, 0, 1 };
public static void main(String[] args) {
try {
X509EncodedKeySpec x509Spec = new X509EncodedKeySpec( certData,"RSA" );
KeyFactory kf = KeyFactory.getInstance( "RSA" );
System.out.println( "KF type " + kf.getAlgorithm() );
RSAPublicKey rsaKey = (RSAPublicKey)kf.generatePublic( x509Spec );
// RSAPublicKey rsaKey = RSAPublicKeyImpl.newKey( x509Spec.getEncoded() );
System.out.println( "key algo: " + rsaKey.getAlgorithm() );
}
catch( Exception e ) {
e.printStackTrace();
}
}
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Circumvent KeyFactory.generatePublic() by calling RSAPublicKeyImpl.newKey();
FREQUENCY : always
works in java 10-. Broken in java 11.0+. checkKeyAlgo was added to RSAKeyFactory.java in java 11
A DESCRIPTION OF THE PROBLEM :
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: Expected a RSA key, but got 1.3.14.3.2.15
at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:239)
at java.base/java.security.KeyFactory.generatePublic(KeyFactory.java:352)
at com.mycompany.rsatest.Test.main(Test.java:23)
Caused by: java.security.InvalidKeyException: Expected a RSA key, but got 1.3.14.3.2.15
at java.base/sun.security.rsa.RSAKeyFactory.checkKeyAlgo(RSAKeyFactory.java:104)
at java.base/sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:332)
at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:235)
REGRESSION : Last worked in version 10
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
1.3.14.3.2.15 should be a valid RSA key?
---------- BEGIN SOURCE ----------
package com.mycompany.rsatest;
import java.security.KeyFactory;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
//import sun.security.rsa.RSAPublicKeyImpl;
public class Test {
static byte[] certData = {48, 88, 48, 9, 6, 5, 43, 14, 3, 2, 15, 5, 0, 3, 75, 0, 48, 72, 2, 65, 0, -41, 21, 124, 101, -24, -14, 37, 87, -40, -88, 87, 18, 44, -2, -123, -67, -33, -85, -93, 6, 76, 33, -77, 69, -30, -89, -51, -40, -90, 117, 30, 81, -102, -72, 97, -59, 16, -97, -72, -116, -50, 69, -47, 97, -71, -127, 123, -64, -20, -51, -61, 15, -38, 105, -26, 44, -59, 119, 119, 95, 44, 29, 102, -67, 2, 3, 1, 0, 1 };
public static void main(String[] args) {
try {
X509EncodedKeySpec x509Spec = new X509EncodedKeySpec( certData,"RSA" );
KeyFactory kf = KeyFactory.getInstance( "RSA" );
System.out.println( "KF type " + kf.getAlgorithm() );
RSAPublicKey rsaKey = (RSAPublicKey)kf.generatePublic( x509Spec );
// RSAPublicKey rsaKey = RSAPublicKeyImpl.newKey( x509Spec.getEncoded() );
System.out.println( "key algo: " + rsaKey.getAlgorithm() );
}
catch( Exception e ) {
e.printStackTrace();
}
}
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Circumvent KeyFactory.generatePublic() by calling RSAPublicKeyImpl.newKey();
FREQUENCY : always
- backported by
-
JDK-8299198 KeyFactory.generatePublic( x509Spec ) failed with java.security.InvalidKeyException
- Resolved
-
JDK-8310117 KeyFactory.generatePublic( x509Spec ) failed with java.security.InvalidKeyException
- Resolved
- relates to
-
JDK-8146293 Add support for RSASSA-PSS Signature algorithm
- Resolved