Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8263404

RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec

    XMLWordPrintable

Details

    • b16
    • Verified

    Backports

      Description

        This is a regression introduced by JDK-8254717. @kganapureddy reported this bug.

        In RSAKeyFactory.engineGetKeySpec, when the input key is a private key, the method tries to cast the key to RSAPrivateCrtKey when the keySpec class is RSAPrivateCrtKeySpec or its subclasses.

        JDK-8254717 fixes all isAssignableFrom checks in engineGetKeySpec. But it introduces the regression that RSAKeyFactory.engineGetKeySpec tries to cast the private key when the keySpec is RSAPrivateCrtKeySpec or its **superclasses** (i.e., RSAPrivateKeySpec). This caused the following exception when the input key is only a RSAPrivateKey:
        java.security.spec.InvalidKeySpecException: RSAPrivateCrtKeySpec can only be used with CRT keys.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8267052 RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8290955 RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8290991 RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8254717 isAssignableFrom checks in KeyFactorySpi.engineGetKeySpec appear to be backwards

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved
            links to

            Commit Commit openjdk/jdk/a5d7de23

            Review Review openjdk/jdk8u-dev/214

            Review Review openjdk/jdk/2949

            Activity

              People

                luoziyi Ziyi Luo (Inactive)
                luoziyi Ziyi Luo (Inactive)
                Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: