Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8242897

KeyFactory.generatePublic( x509Spec ) failed with java.security.InvalidKeyException

XMLWordPrintable

    • b15
    • 11
    • b26
    • Verified

        ADDITIONAL SYSTEM INFORMATION :
        works in java 10-. Broken in java 11.0+. checkKeyAlgo was added to RSAKeyFactory.java in java 11

        A DESCRIPTION OF THE PROBLEM :
        java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: Expected a RSA key, but got 1.3.14.3.2.15
        at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:239)
        at java.base/java.security.KeyFactory.generatePublic(KeyFactory.java:352)
        at com.mycompany.rsatest.Test.main(Test.java:23)
        Caused by: java.security.InvalidKeyException: Expected a RSA key, but got 1.3.14.3.2.15
        at java.base/sun.security.rsa.RSAKeyFactory.checkKeyAlgo(RSAKeyFactory.java:104)
        at java.base/sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:332)
        at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:235)

        REGRESSION : Last worked in version 10

        EXPECTED VERSUS ACTUAL BEHAVIOR :
        EXPECTED -
        1.3.14.3.2.15 should be a valid RSA key?

        ---------- BEGIN SOURCE ----------
        package com.mycompany.rsatest;

        import java.security.KeyFactory;
        import java.security.interfaces.RSAPublicKey;
        import java.security.spec.X509EncodedKeySpec;
        //import sun.security.rsa.RSAPublicKeyImpl;


        public class Test {
            
            static byte[] certData = {48, 88, 48, 9, 6, 5, 43, 14, 3, 2, 15, 5, 0, 3, 75, 0, 48, 72, 2, 65, 0, -41, 21, 124, 101, -24, -14, 37, 87, -40, -88, 87, 18, 44, -2, -123, -67, -33, -85, -93, 6, 76, 33, -77, 69, -30, -89, -51, -40, -90, 117, 30, 81, -102, -72, 97, -59, 16, -97, -72, -116, -50, 69, -47, 97, -71, -127, 123, -64, -20, -51, -61, 15, -38, 105, -26, 44, -59, 119, 119, 95, 44, 29, 102, -67, 2, 3, 1, 0, 1 };

            public static void main(String[] args) {
                try {
                    X509EncodedKeySpec x509Spec = new X509EncodedKeySpec( certData,"RSA" );
                    KeyFactory kf = KeyFactory.getInstance( "RSA" );
                    System.out.println( "KF type " + kf.getAlgorithm() );
                    RSAPublicKey rsaKey = (RSAPublicKey)kf.generatePublic( x509Spec );
        // RSAPublicKey rsaKey = RSAPublicKeyImpl.newKey( x509Spec.getEncoded() );

                    System.out.println( "key algo: " + rsaKey.getAlgorithm() );
                }
                catch( Exception e ) {
                    e.printStackTrace();
                }
           }
        }
        ---------- END SOURCE ----------

        CUSTOMER SUBMITTED WORKAROUND :
        Circumvent KeyFactory.generatePublic() by calling RSAPublicKeyImpl.newKey();

        FREQUENCY : always


              valeriep Valerie Peng
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: