RFR: 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec [v4]
Ziyi Luo
luoziyi at openjdk.java.net
Thu Mar 18 17:30:55 UTC 2021
> This is a P2 regression introduced by JDK-8254717.
>
> In `RSAKeyFactory.engineGetKeySpec`, when the key is a RSA key and the KeySpec is RSAPrivateKeySpec or RSAPrivateCrtKeySpec. The method behavior is described as follow:
>
> X-axis: type of `keySpec`
> Y-axis: type of `key`
>
> Before JDK-8254717:
>
> | | RSAPrivateKeySpec.class | RSAPrivateCrtKeySpec.class |
> |--|--|--|
> | RSAPrivateKey | Return RSAPrivateKeySpec | Throw `InvalidKeySpecException` |
> | RSAPrivateCrtKey | Return RSAPrivateKeySpec | Return RSAPrivateKeyCrtSpec |
>
> After JDK-8254717 (Green check is what we want to fix, red cross is the regression):
>
> | | RSAPrivateKeySpec.class | RSAPrivateCrtKeySpec.class |
> |--|--|--|
> | RSAPrivateKey | Throw `InvalidKeySpecException` ❌ | Throw `InvalidKeySpecException` |
> | RSAPrivateCrtKey | Return RSAPrivateKeyCrtSpec ✅ | Return RSAPrivateKeyCrtSpec |
>
> This commit fixes the regression.
>
>
> ### Tests
>
> * Jtreg: All tests under `java/security`, `sun/security`, `javax/crypto` passed
> * JCK: All JCK-16 (I do not have jCK-17)tests under `api/java_security` passed
Ziyi Luo has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains four commits:
- Fix P11RSAKeyFactory and add one more jtreg test
- Add one test case for the regression fixed by 8263404
- Fix jcheck whitespace error
- 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec
-------------
Changes: https://git.openjdk.java.net/jdk/pull/2949/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=2949&range=03
Stats: 211 lines in 4 files changed: 162 ins; 15 del; 34 mod
Patch: https://git.openjdk.java.net/jdk/pull/2949.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/2949/head:pull/2949
PR: https://git.openjdk.java.net/jdk/pull/2949
More information about the security-dev
mailing list