8205720: KeyFactory#getKeySpec and translateKey thorws NullPointerException with Invalid key

Updated SunRsaSign provider to check and throw InvalidKeyException for null key algo/format/encoding Reviewed-by: xuelei
2025-08-28 07:14:30 +02:00 · 2018-06-30 00:33:05 +00:00 · 2018-06-30 00:33:05 +00:00 · ecc5979769
commit ecc5979769
parent 11184615a8
4 changed files with 33 additions and 21 deletions
--- a/src/java.base/share/classes/sun/security/rsa/RSAKeyFactory.java
+++ b/src/java.base/share/classes/sun/security/rsa/RSAKeyFactory.java
@ -100,7 +100,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
    private static void checkKeyAlgo(Key key, String expectedAlg)
            throws InvalidKeyException {
        String keyAlg = key.getAlgorithm();
-        if (!(keyAlg.equalsIgnoreCase(expectedAlg))) {
+        if (keyAlg == null || !(keyAlg.equalsIgnoreCase(expectedAlg))) {
            throw new InvalidKeyException("Expected a " + expectedAlg
                    + " key, but got " + keyAlg);
        }
@ -123,8 +123,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
            return (RSAKey)key;
        } else {
            try {
-                String keyAlgo = key.getAlgorithm();
-                KeyType type = KeyType.lookup(keyAlgo);
+                KeyType type = KeyType.lookup(key.getAlgorithm());
                RSAKeyFactory kf = RSAKeyFactory.getInstance(type);
                return (RSAKey) kf.engineTranslateKey(key);
            } catch (ProviderException e) {
@ -268,8 +267,7 @@ public class RSAKeyFactory extends KeyFactorySpi {
                throw new InvalidKeyException("Invalid key", e);
            }
        } else if ("X.509".equals(key.getFormat())) {
-            byte[] encoded = key.getEncoded();
-            RSAPublicKey translated = new RSAPublicKeyImpl(encoded);
+            RSAPublicKey translated = new RSAPublicKeyImpl(key.getEncoded());
            // ensure the key algorithm matches the current KeyFactory instance
            checkKeyAlgo(translated, type.keyAlgo());
            return translated;
@ -313,8 +311,8 @@ public class RSAKeyFactory extends KeyFactorySpi {
                throw new InvalidKeyException("Invalid key", e);
            }
        } else if ("PKCS#8".equals(key.getFormat())) {
-            byte[] encoded = key.getEncoded();
-            RSAPrivateKey translated = RSAPrivateCrtKeyImpl.newKey(encoded);
+            RSAPrivateKey translated =
+                RSAPrivateCrtKeyImpl.newKey(key.getEncoded());
            // ensure the key algorithm matches the current KeyFactory instance
            checkKeyAlgo(translated, type.keyAlgo());
            return translated;