Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8177657

certificate parsing error "Invalid RSA public Key" with Java 1.8.121

    XMLWordPrintable

    Details

      Description

      FULL PRODUCT VERSION :
      java version "1.8.0_121"
      Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
      Java HotSpot(TM) Client VM (build 25.121-b13, mixed mode)

      ADDITIONAL OS VERSION INFORMATION :
      Mircosoft Windows 10.0.14393
      Windows 6.0.7601
      and any other Windows/Linux

      EXTRA RELEVANT SYSTEM CONFIGURATION :
      no specific configuration. We tried a lot of different systems

      A DESCRIPTION OF THE PROBLEM :
      After installing java version 1.8.0_121 there is a problem with parsing our certificates. Some of them worked fine but others didn't. We analyzed the certificates and found the difference.

      Some of them have leading 0s at the public key exponent. Since java 121 there is an exception while parsing such certificates.
      Previous java-versions are working fine. Did you tight up checks since version 121 purposely?

      According to the bug (https://bugs.openjdk.java.net/browse/JDK-8175251)
      there is a similar problem with parsing the private key.
      Do you plan to revoke this exacerbation?

      We have a lot of certificate that my no longer work (using java).

      We can provide one of our certs which won't work anymore using java121.
      The source code of our test-tool won't make sense without such a cert.
      Please give us a mail-address; we will send you the cert immediately.


      REGRESSION. Last worked in version 8u112

      ADDITIONAL REGRESSION INFORMATION:
      java version "1.8.0_121"
      Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
      Java HotSpot(TM) Client VM (build 25.121-b13, mixed mode)

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      try to parse a cert with leading 0s in public exponent. You will get an exception (take a look at the sourcecode below)

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      the same behavior as in java 1.8.0.112
      ACTUAL -
      ParsingEXC : Invalid RSA-Public key

      ERROR MESSAGES/STACK TRACES THAT OCCUR :
      CertificateFactory Info:
      Type = X.509
      Provider = SUN version 1.8
      toString = java.security.cert.CertificateFactory@1db9742
      Exception: java.security.cert.CertificateParsingException: java.io.IOException:
      subject key, java.security.InvalidKeyException: Invalid RSA public key

      REPRODUCIBILITY :
      This bug can be reproduced always.

      ---------- BEGIN SOURCE ----------
      import java.io.*;
      import java.security.*;
      import java.security.cert.*;


      class CertTest {

         public static void main(String[] args) {
            if (args.length<1) {
               System.out.println("Use it that way, dude...:");
               System.out.println("java CertTest <input.crt>");
               return;
            }
            String in = args[0];
            try {
                              testCert(in);
            } catch (Exception e) {
               System.out.println("Exception: "+e);
               return;
            }
         }
         
         private static void testCert(String input)
            throws Exception {
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            System.out.println();
            System.out.println("========================================");
                    System.out.println("CertificateFactory Info: ");
            System.out.println("Type = "+cf.getType());
            System.out.println("Provider = "+cf.getProvider());
            System.out.println("toString = "+cf.toString());

            FileInputStream fis = new FileInputStream(input);
            java.security.cert.Certificate cert = cf.generateCertificate(fis);
            fis.close();
            System.out.println();
            System.out.println("========================================");
                    System.out.println("Certificate Object Info: ");
            System.out.println("Type = "+cert.getType());
            System.out.println("toString = "+cert.toString());

            PublicKey pubKey = cert.getPublicKey();
            System.out.println();
                    System.out.println("========================================");
            System.out.println("PublicKey Object Info: ");
            System.out.println("Algorithm = "+pubKey.getAlgorithm());
            System.out.println("Format = "+pubKey.getFormat());
            System.out.println("toString = "+pubKey.toString());
         }
      }


      ---------- END SOURCE ----------

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              psonal Pallavi Sonal (Inactive)
              Reporter:
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: