Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8263404

RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b16
    • Verification:
      Verified

      Backports

        Description

        This is a regression introduced by JDK-8254717. @kganapureddy reported this bug.

        In RSAKeyFactory.engineGetKeySpec, when the input key is a private key, the method tries to cast the key to RSAPrivateCrtKey when the keySpec class is RSAPrivateCrtKeySpec or its subclasses.

        JDK-8254717 fixes all isAssignableFrom checks in engineGetKeySpec. But it introduces the regression that RSAKeyFactory.engineGetKeySpec tries to cast the private key when the keySpec is RSAPrivateCrtKeySpec or its **superclasses** (i.e., RSAPrivateKeySpec). This caused the following exception when the input key is only a RSAPrivateKey:
        java.security.spec.InvalidKeySpecException: RSAPrivateCrtKeySpec can only be used with CRT keys.

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                luoziyi Ziyi Luo (Inactive)
                Reporter:
                luoziyi Ziyi Luo (Inactive)
                Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: