Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8335803

SunJCE cipher throws NPE for un-extractable RSA keys

XMLWordPrintable

      The SunJCE RSA Cipher implementation throws a NullPointerException if it is initialized with a custom un-extractable RSA key. The expected behavior is an InvalidKeyException.

      This is a regression after JDK-8023980: https://github.com/openjdk/jdk11u-dev/commit/0b7efe44ad38003dd319b2d19e3a73e2e86f9475#diff-9e10657ec78aabc8b7800cc4c0ed3a6df6dc2cc52d94fc50824486d03ca9ae49L274.
      The new RSAPrivateCrtKeyImpl::newKey method does not verify null values for Key::getFormat() or Key::getEncoded() methods.

      JDK17+ does not have such an issue because of getEncoded() value verification added by JDK-8244565 : https://hg.openjdk.org/jdk/jdk/rev/f1ece22096b1#l3.7

            abakhtin Alexey Bakhtin
            abakhtin Alexey Bakhtin
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: