RFR: 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec [v4]
SalusaSecondus
github.com+829871+salusasecondus at openjdk.java.net
Sat Mar 20 17:54:39 UTC 2021
On Thu, 18 Mar 2021 20:25:59 GMT, Ziyi Luo <luoziyi at openjdk.org> wrote:
>> This looks to cover the cases and fixes we talked about.
>
> @valeriepeng Sorry for the delay. There were unknown Windows build failure during the pre-submit tests that I have to rebase my commits on top of the master tip. This new revision should cover all comments you left before. Thank you!
Mike,
>From what I can find, if you try to get a spec from a non-extractable key you'll get an `InvalidKeySpecException`.
1. `C_GetAttributeValue`will throw a `PKCS11Exception`
2. The `PKCS11Exception` gets caught in [P11KeyFactory](https://github.com/openjdk/jdk/blob/master/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyFactory.java#L98-L99) which rethrows it as an `InvalidKeySpecException`.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2949
More information about the security-dev
mailing list