archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 14:54:52 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8174756: Extra validation for public keys

Browse source 
Reviewed-by: valeriep
This commit is contained in:
Adam Petcher 2017-07-04 01:52:53 +00:00
parent 933e26ad58
commit 248948c08b
1 changed files with 15 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

15
src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java
View file

@ -48,6 +48,7 @@ import sun.security.x509.X509Key;
public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey {
private static final long serialVersionUID = 2644735423591199609L;
private static final BigInteger THREE = BigInteger.valueOf(3);
private BigInteger n; // modulus
private BigInteger e; // public exponent
@ -61,6 +62,7 @@ public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey {
this.n = n;
this.e = e;
RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e);
checkExponentRange();
// generate the encoding
algid = RSAPrivateCrtKeyImpl.rsaId;
try {
@ -83,6 +85,19 @@ public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey {
public RSAPublicKeyImpl(byte[] encoded) throws InvalidKeyException {
decode(encoded);
RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e);
checkExponentRange();
}
private void checkExponentRange() throws InvalidKeyException {
// the exponent should be smaller than the modulus
if (e.compareTo(n) >= 0) {
throw new InvalidKeyException("exponent is larger than modulus");
}
// the exponent should be at least 3
if (e.compareTo(THREE) < 0) {
throw new InvalidKeyException("exponent is smaller than 3");
}
}
// see JCA doc