Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8163896

Finalizing one key of a KeyPair invalidates the other key

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: 9
    • Fix Version/s: 9
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Resolved In Build:
      b133
    • OS:
      windows

      Backports

        Description

        Here's the reproducer:
        -------------------
        import java.security.Key;
        import java.security.KeyPair;
        import java.security.KeyPairGenerator;

        public class Main {

            public static void main(String[] args) throws Exception {
                KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "SunMSCAPI");
                KeyPair pair = generator.generateKeyPair();
                Key publicKey = pair.getPublic();

                pair = null;
                for (int i = 0; i < 1024; ++i) {
                    System.gc();
                }

                publicKey.getEncoded(); // <<< throws KeyException: The parameter is incorrect
            }
        }
        -------------------

        This is because when a KeyPair is created both keys share the same native handles.
        Thus, when one of them is destroyed (i.e. finalized), the handles become invalid.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  igerasim Ivan Gerasimov
                  Reporter:
                  igerasim Ivan Gerasimov
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: