-
Type:
Bug
-
Resolution: Not an Issue
-
Priority:
P3
-
None
-
Affects Version/s: 15
-
Component/s: security-libs
-
None
Steps to reproduce,
- Generate a KeyPair for RSASSA-PSS.
- Generate another using any of following way,
KeyFactory kf = KeyFactory.getInstance(ALGO, PROVIDER);
switch (type) {
case PUBLIC_KEY:
return new Key[]{
kf.generatePublic(kf.getKeySpec(key, RSAPublicKeySpec.class)),
kf.generatePublic(new X509EncodedKeySpec(key.getEncoded())),
kf.generatePublic(new RSAPublicKeySpec(
((RSAPublicKey) key).getModulus(),
((RSAPublicKey) key).getPublicExponent())),
kf.translateKey(key)
};
case PRIVATE_KEY:
return new Key[]{
kf.generatePrivate(kf.getKeySpec(key, RSAPrivateKeySpec.class)),
kf.generatePrivate(new PKCS8EncodedKeySpec(key.getEncoded())),
kf.generatePrivate(new RSAPrivateKeySpec(((RSAPrivateKey) key)
.getModulus(),
((RSAPrivateKey) key).getPrivateExponent())),
kf.translateKey(key)
};
}
Compare the original key with the generated one from above step,
- Keys equals() will fail
- Keys hashCode() will not same too. (In fact i see it's -ve, which may be because of overflow)
- Keys getEncoded() will generate different binaries too.
It is also same when the keys are serialized Or generated from any other source like OpenSSL.
- Generate a KeyPair for RSASSA-PSS.
- Generate another using any of following way,
KeyFactory kf = KeyFactory.getInstance(ALGO, PROVIDER);
switch (type) {
case PUBLIC_KEY:
return new Key[]{
kf.generatePublic(kf.getKeySpec(key, RSAPublicKeySpec.class)),
kf.generatePublic(new X509EncodedKeySpec(key.getEncoded())),
kf.generatePublic(new RSAPublicKeySpec(
((RSAPublicKey) key).getModulus(),
((RSAPublicKey) key).getPublicExponent())),
kf.translateKey(key)
};
case PRIVATE_KEY:
return new Key[]{
kf.generatePrivate(kf.getKeySpec(key, RSAPrivateKeySpec.class)),
kf.generatePrivate(new PKCS8EncodedKeySpec(key.getEncoded())),
kf.generatePrivate(new RSAPrivateKeySpec(((RSAPrivateKey) key)
.getModulus(),
((RSAPrivateKey) key).getPrivateExponent())),
kf.translateKey(key)
};
}
Compare the original key with the generated one from above step,
- Keys equals() will fail
- Keys hashCode() will not same too. (In fact i see it's -ve, which may be because of overflow)
- Keys getEncoded() will generate different binaries too.
It is also same when the keys are serialized Or generated from any other source like OpenSSL.
- blocks
-
JDK-8242335 Additional Tests for RSASSA-PSS
-
- Resolved
-
- relates to
-
JDK-8190180 Add support for RSASSA-PSS Signature algorithm
-
- Closed
-