Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6888925

SunMSCAPI's Cipher can't use RSA public keys obtained from other sources.

    Details

    • Subcomponent:
    • Resolved In Build:
      b142
    • CPU:
      generic
    • OS:
      generic
    • Verification:
      Not verified

      Description

      test.p12 is attached. Use IE to import the certificate/private key into the browser's keystore. Password is "test". Then run the following:

          public static void main(String[] arg) throws Exception {
              PrivateKey privKey = null;
              Certificate cert = null;
              KeyStore ks = KeyStore.getInstance("Windows-MY");
              ks.load(null, null);
              PublicKey myPuKey = (PublicKey)
                  ks.getCertificate("test_cert0").getPublicKey();

              Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding", "SunMSCAPI");
              rsa.init(Cipher.ENCRYPT_MODE, myPuKey);

      myPuKey is a sun.security.rsa.RSAPublicKeyImpl here.

      But MSCAPI checks that:

              if (!(key instanceof sun.security.mscapi.Key)) {
                  throw new InvalidKeyException("Unsupported key type: " + key);
              }

      The current MSCAPI will choke on this in two places with an Unsupported key type. First in engineGetKeySize, and then in the actual Cipher's init routine.

        Issue Links

          Activity

          Hide
          wetmore Bradford Wetmore added a comment -
          BT2:SUGGESTED FIX

          Need to convert other RSA public keys into a mscapi RSA public key.

          *** (#1 of 1): [ UNSAVED ] ###@###.###
          Show
          wetmore Bradford Wetmore added a comment - BT2:SUGGESTED FIX Need to convert other RSA public keys into a mscapi RSA public key. *** (#1 of 1): [ UNSAVED ] ###@###.###
          Hide
          vinnie Vincent Ryan added a comment -
          BT2:EVALUATION

          Convert non-MSCAPI RSA public keys into the format supported by MSCAPI.
          Show
          vinnie Vincent Ryan added a comment - BT2:EVALUATION Convert non-MSCAPI RSA public keys into the format supported by MSCAPI.

            People

            • Assignee:
              vinnie Vincent Ryan
              Reporter:
              wetmore Bradford Wetmore
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Imported:
                Indexed: