RFR: 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec

Weijun Wang weijun at openjdk.java.net
Fri Mar 12 22:09:08 UTC 2021


On Fri, 12 Mar 2021 22:04:35 GMT, Ziyi Luo <luoziyi at openjdk.org> wrote:

>> My understanding is that the problem here is the 2 `isAssignableFrom` checks are in wrong order. The parent class RSA_PRIV_KEYSPEC_CLS should be checked first.
>> 
>> BTW, please add a regression test to the fix. Thanks.
>
> Hi @wangweij Thanks for your review. As @SalusaSecondus commented, RSAPrivateKeyCrtSpec should be favored over RSAPrivateKeySpec when the PrivateKey is a Crt Key. I just modified our JTreg test to include all four cases described in the PR description.

I still cannot understand why CRT is always preferred. The original implementation also hadn't done that.

-------------

PR: https://git.openjdk.java.net/jdk/pull/2949


More information about the security-dev mailing list