Details
-
Bug
-
Status: Closed
-
P2
-
Resolution: Fixed
-
8u351, 11.0.17-oracle, 17
-
b16
-
Verified
Backports
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8290955 | 11.0.17-oracle | Dukebot | P2 | Closed | Fixed | b04 |
JDK-8267052 | 11.0.12 | Valerie Peng | P2 | Resolved | Fixed | b03 |
JDK-8290991 | 8u351 | Dukebot | P2 | Closed | Fixed | b04 |
Description
This is a regression introduced by JDK-8254717. @kganapureddy reported this bug.
In RSAKeyFactory.engineGetKeySpec, when the input key is a private key, the method tries to cast the key to RSAPrivateCrtKey when the keySpec class is RSAPrivateCrtKeySpec or its subclasses.
JDK-8254717 fixes all isAssignableFrom checks in engineGetKeySpec. But it introduces the regression that RSAKeyFactory.engineGetKeySpec tries to cast the private key when the keySpec is RSAPrivateCrtKeySpec or its **superclasses** (i.e., RSAPrivateKeySpec). This caused the following exception when the input key is only a RSAPrivateKey:
java.security.spec.InvalidKeySpecException: RSAPrivateCrtKeySpec can only be used with CRT keys.
In RSAKeyFactory.engineGetKeySpec, when the input key is a private key, the method tries to cast the key to RSAPrivateCrtKey when the keySpec class is RSAPrivateCrtKeySpec or its subclasses.
java.security.spec.InvalidKeySpecException: RSAPrivateCrtKeySpec can only be used with CRT keys.
Attachments
Issue Links
- backported by
-
JDK-8267052 RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec
-
- Resolved
-
-
JDK-8290955 RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec
-
- Closed
-
-
JDK-8290991 RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec
-
- Closed
-
- relates to
-
JDK-8254717 isAssignableFrom checks in KeyFactorySpi.engineGetKeySpec appear to be backwards
-
- Resolved
-
(2 links to)