Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8287246

DSAKeyValue should check for missing params instead of relying on KeyFactory provider

    XMLWordPrintable

Details

    Backports

      Description

        The DSA KeyFactory implementation in the SUN and SunPKCS11 providers handle missing (i.e. null) DSA parameters differently. The SUN provider throws ProviderException if at least one, but not all of the P, Q, and G params are null and the SunPKCS11 provider throws NullPointerException if any are null. Both are similar in that they are treated as RuntimeExceptions which typically indicates an error in the application.

        P, Q, and G are optional according to the XML Signature Recommendation as they might be known from application context, but the JDK implementation does not provide a mechanism or API for an application to supply the missing parameters, so they are required to be specified in the DSAKeyValue element of a KeyInfo element.

        Thus, it seems a more robust fix is to have the XML Signature implementation check for null or missing parameters and throw a MarshalException before trying to create a DSA public key from its XML encoding. This will allow the code to fail earlier and not depend on the provider to detect illegal or missing parameters.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8304259 DSAKeyValue should check for missing params instead of relying on KeyFactory provider

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8304540 DSAKeyValue should check for missing params instead of relying on KeyFactory provider

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8304935 DSAKeyValue should check for missing params instead of relying on KeyFactory provider

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8304942 DSAKeyValue should check for missing params instead of relying on KeyFactory provider

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8306274 DSAKeyValue should check for missing params instead of relying on KeyFactory provider

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8308868 DSAKeyValue should check for missing params instead of relying on KeyFactory provider

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved
            links to

            Commit Commit openjdk/jdk11u-dev/5fa213a8

            Commit Commit openjdk/jdk17u-dev/fc037105

            Commit Commit openjdk/jdk/f235955e

            Review Review openjdk/jdk11u-dev/1895

            Review Review openjdk/jdk17u-dev/1244

            Review Review openjdk/jdk/8870

            Activity

              People

                mullan Sean Mullan
                mullan Sean Mullan
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: