RFR: 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec [v6]

Ziyi Luo luoziyi at openjdk.java.net
Wed Mar 24 03:25:02 UTC 2021


> This is a P2 regression introduced by JDK-8254717.
> 
> In `RSAKeyFactory.engineGetKeySpec`, when the key is a RSA key and the KeySpec is RSAPrivateKeySpec or RSAPrivateCrtKeySpec. The method behavior is described as follow:
> 
> X-axis: type of `keySpec`
> Y-axis: type of `key`
> 
> Before JDK-8254717:
> 
> |  | RSAPrivateKeySpec.class | RSAPrivateCrtKeySpec.class |
> |--|--|--|
> | RSAPrivateKey | Return RSAPrivateKeySpec  | Throw `InvalidKeySpecException` |
> | RSAPrivateCrtKey | Return RSAPrivateKeySpec | Return RSAPrivateKeyCrtSpec |
> 
> After JDK-8254717 (Green check is what we want to fix, red cross is the regression):
> 
> |  | RSAPrivateKeySpec.class | RSAPrivateCrtKeySpec.class |
> |--|--|--|
> | RSAPrivateKey | Throw `InvalidKeySpecException` ❌  | Throw `InvalidKeySpecException` |
> | RSAPrivateCrtKey | Return RSAPrivateKeyCrtSpec ✅ | Return RSAPrivateKeyCrtSpec |
> 
> This commit fixes the regression.
> 
> 
> ### Tests
> 
> * Jtreg: All tests under `java/security`, `sun/security`, `javax/crypto` passed
> * JCK: All JCK-16 (I do not have jCK-17)tests under `api/java_security` passed

Ziyi Luo has updated the pull request incrementally with two additional commits since the last revision:

 - Remove trailing whitespace
 - Refactor P11RSAKeyFactory and improve tests

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/2949/files
  - new: https://git.openjdk.java.net/jdk/pull/2949/files/da25a691..2594ef2b

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=2949&range=05
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=2949&range=04-05

  Stats: 152 lines in 4 files changed: 95 ins; 23 del; 34 mod
  Patch: https://git.openjdk.java.net/jdk/pull/2949.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/2949/head:pull/2949

PR: https://git.openjdk.java.net/jdk/pull/2949


More information about the security-dev mailing list