-
Bug
-
Resolution: Fixed
-
P3
-
11
-
b01
The SunJCE RSA Cipher implementation throws a NullPointerException if it is initialized with a custom un-extractable RSA key. The expected behavior is an InvalidKeyException.
This is a regression afterJDK-8023980: https://github.com/openjdk/jdk11u-dev/commit/0b7efe44ad38003dd319b2d19e3a73e2e86f9475#diff-9e10657ec78aabc8b7800cc4c0ed3a6df6dc2cc52d94fc50824486d03ca9ae49L274.
The new RSAPrivateCrtKeyImpl::newKey method does not verify null values for Key::getFormat() or Key::getEncoded() methods.
JDK17+ does not have such an issue because of getEncoded() value verification added byJDK-8244565 : https://hg.openjdk.org/jdk/jdk/rev/f1ece22096b1#l3.7
This is a regression after
The new RSAPrivateCrtKeyImpl::newKey method does not verify null values for Key::getFormat() or Key::getEncoded() methods.
JDK17+ does not have such an issue because of getEncoded() value verification added by
- links to
-
Commit(master) openjdk/jdk11u-dev/6c7ee264
-
Review(master) openjdk/jdk11u-dev/2837