RFR: 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec
Weijun Wang
weijun at openjdk.java.net
Fri Mar 12 22:09:08 UTC 2021
On Fri, 12 Mar 2021 22:04:35 GMT, Ziyi Luo <luoziyi at openjdk.org> wrote:
>> My understanding is that the problem here is the 2 `isAssignableFrom` checks are in wrong order. The parent class RSA_PRIV_KEYSPEC_CLS should be checked first.
>>
>> BTW, please add a regression test to the fix. Thanks.
>
> Hi @wangweij Thanks for your review. As @SalusaSecondus commented, RSAPrivateKeyCrtSpec should be favored over RSAPrivateKeySpec when the PrivateKey is a Crt Key. I just modified our JTreg test to include all four cases described in the PR description.
I still cannot understand why CRT is always preferred. The original implementation also hadn't done that.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2949
More information about the security-dev
mailing list