Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8242897

KeyFactory.generatePublic( x509Spec ) failed with java.security.InvalidKeyException

    Details

    • Subcomponent:
    • Introduced In Build:
      b15
    • Introduced In Version:
      11
    • Resolved In Build:
      b26
    • Verification:
      Verified

      Description

      ADDITIONAL SYSTEM INFORMATION :
      works in java 10-. Broken in java 11.0+. checkKeyAlgo was added to RSAKeyFactory.java in java 11

      A DESCRIPTION OF THE PROBLEM :
      java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: Expected a RSA key, but got 1.3.14.3.2.15
      at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:239)
      at java.base/java.security.KeyFactory.generatePublic(KeyFactory.java:352)
      at com.mycompany.rsatest.Test.main(Test.java:23)
      Caused by: java.security.InvalidKeyException: Expected a RSA key, but got 1.3.14.3.2.15
      at java.base/sun.security.rsa.RSAKeyFactory.checkKeyAlgo(RSAKeyFactory.java:104)
      at java.base/sun.security.rsa.RSAKeyFactory.generatePublic(RSAKeyFactory.java:332)
      at java.base/sun.security.rsa.RSAKeyFactory.engineGeneratePublic(RSAKeyFactory.java:235)

      REGRESSION : Last worked in version 10

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      1.3.14.3.2.15 should be a valid RSA key?

      ---------- BEGIN SOURCE ----------
      package com.mycompany.rsatest;

      import java.security.KeyFactory;
      import java.security.interfaces.RSAPublicKey;
      import java.security.spec.X509EncodedKeySpec;
      //import sun.security.rsa.RSAPublicKeyImpl;


      public class Test {
          
          static byte[] certData = {48, 88, 48, 9, 6, 5, 43, 14, 3, 2, 15, 5, 0, 3, 75, 0, 48, 72, 2, 65, 0, -41, 21, 124, 101, -24, -14, 37, 87, -40, -88, 87, 18, 44, -2, -123, -67, -33, -85, -93, 6, 76, 33, -77, 69, -30, -89, -51, -40, -90, 117, 30, 81, -102, -72, 97, -59, 16, -97, -72, -116, -50, 69, -47, 97, -71, -127, 123, -64, -20, -51, -61, 15, -38, 105, -26, 44, -59, 119, 119, 95, 44, 29, 102, -67, 2, 3, 1, 0, 1 };

          public static void main(String[] args) {
              try {
                  X509EncodedKeySpec x509Spec = new X509EncodedKeySpec( certData,"RSA" );
                  KeyFactory kf = KeyFactory.getInstance( "RSA" );
                  System.out.println( "KF type " + kf.getAlgorithm() );
                  RSAPublicKey rsaKey = (RSAPublicKey)kf.generatePublic( x509Spec );
      // RSAPublicKey rsaKey = RSAPublicKeyImpl.newKey( x509Spec.getEncoded() );

                  System.out.println( "key algo: " + rsaKey.getAlgorithm() );
              }
              catch( Exception e ) {
                  e.printStackTrace();
              }
         }
      }
      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      Circumvent KeyFactory.generatePublic() by calling RSAPublicKeyImpl.newKey();

      FREQUENCY : always


        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                valeriep Valerie Peng
                Reporter:
                webbuggrp Webbug Group
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: