RFR: 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec [v2]
SalusaSecondus
github.com+829871+salusasecondus at openjdk.java.net
Mon Mar 15 21:43:16 UTC 2021
On Mon, 15 Mar 2021 21:35:16 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Ziyi Luo has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Add one test case for the regression fixed by 8263404
>
> test/jdk/java/security/KeyFactory/KeyFactoryGetKeySpecForInvalidSpec.java line 80:
>
>> 78: // === Case 1: private key is RSAPrivateCrtKey, expected spec is RSAPrivateKeySpec
>> 79: // === Expected: return RSAPrivateCrtKeySpec
>> 80: // Since RSAPrivateCrtKeySpec inherits from RSAPrivateKeySpec, we'd expect this next line to return an instance of RSAPrivateKeySpec
>
> Typo? I think you mean RSAPrivateCrtKeySpec?
Yup. Thank you for the catch.
> test/jdk/java/security/KeyFactory/KeyFactoryGetKeySpecForInvalidSpec.java line 83:
>
>> 81: // (because the private key has CRT parts).
>> 82: KeySpec spec = factory.getKeySpec(pair.getPrivate(), RSAPrivateKeySpec.class);
>> 83: if (!(spec instanceof RSAPrivateCrtKeySpec)) {
>
> The generated key is implementation specific, you should check the key type before checking the returned key spec?
How about we specifically use the ` SunRsaSign` provider then (which does generate an `RSAPrivateCrtKey`)?
-------------
PR: https://git.openjdk.java.net/jdk/pull/2949
More information about the security-dev
mailing list