bc-java
RSA DigestSignatureSpi returns true from supportsParameter for PKCS#8 encoded ECPrivateKey
In JDK 21, the provider chooser algorithm in java.security.Signature contains this code:

```java
// if provider says it does not support this key, ignore it
if (key != null && s.supportsParameter(key) == false) {
    continue;
}
```
org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi$SHA1 returns true for a PKCS#8 encoded ECPrivateKey.
The algorithm chooses that provider, and the provider's init method then throws an exception because the key is not an RSAPrivateKey:

```java
protected void engineInitSign(
    PrivateKey privateKey)
    throws InvalidKeyException
{
    if (!(privateKey instanceof RSAPrivateKey))
    {
        throw new InvalidKeyException("Supplied key (" + getType(privateKey) + ") is not a RSAPrivateKey instance");
    }

    CipherParameters param = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey);

    digest.reset();

    cipher.init(true, param);
}
```

Edited for formatting by @cipherboy.
Yes, it appears the default implementation checks the format before it checks the key class, returning true if it matches. I don't think it makes sense for the JVM to be doing a format check here; all PrivateKeys will have the format PKCS#8. It should only be checking the key class.
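
The check discussed in this thread can be reproduced with the JDK alone. The following is an added example, not code from the issue or from bc-java: `DemoProvider`, the placeholder SPI class name and the attribute values are assumptions made for illustration. It asks `Provider.Service.supportsParameter` about an EC private key for two RSA signature services, one that declares `SupportedKeyFormats` alongside `SupportedKeyClasses` and one that declares key classes only, so the effect of the format match can be compared directly.

```java
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.util.Map;

public class SupportsParameterDemo {
    // Hypothetical provider used only for this demonstration; it is not BC.
    static final class DemoProvider extends Provider {
        DemoProvider() {
            super("Demo", "1.0", "supportsParameter demonstration");
        }

        // Builds a Signature service carrying the given key attributes.
        // The SPI class name is a placeholder and is never loaded here,
        // because supportsParameter() only inspects the attributes.
        Service service(Map<String, String> attrs) {
            return new Service(this, "Signature", "SHA1withRSA",
                    "example.PlaceholderSpi", null, attrs);
        }
    }

    // Assumed attribute value: the RSA key interfaces an RSA service accepts.
    static final String RSA_CLASSES =
            "java.security.interfaces.RSAPublicKey|java.security.interfaces.RSAPrivateKey";

    // Service declares both key formats and key classes.
    static boolean formatAndClass(PrivateKey key) {
        return new DemoProvider().service(Map.of(
                "SupportedKeyFormats", "PKCS#8|X.509",
                "SupportedKeyClasses", RSA_CLASSES)).supportsParameter(key);
    }

    // Service declares key classes only, so the key's format is not consulted.
    static boolean classOnly(PrivateKey key) {
        return new DemoProvider().service(Map.of(
                "SupportedKeyClasses", RSA_CLASSES)).supportsParameter(key);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a freshly generated EC private key.
        PrivateKey ec = KeyPairGenerator.getInstance("EC").generateKeyPair().getPrivate();
        System.out.println("key class:  " + ec.getClass().getName());
        System.out.println("key format: " + ec.getFormat());
        System.out.println("formats + classes accepted: " + formatAndClass(ec));
        System.out.println("classes only accepted:      " + classOnly(ec));
    }
}
```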