Skip to content
Permalink
Browse files
8254717: isAssignableFrom checks in KeyFactorySpi.engineGetKeySpec ap…
…pear to be backwards

Reviewed-by: jnimeh
  • Loading branch information
ziyiluo authored and Jamil Nimeh committed Mar 4, 2021
1 parent d2c4ed0 commit a777e82cd81fb5f02b09c4917b2a44f94c603939
Show file tree
Hide file tree
Showing 17 changed files with 136 additions and 63 deletions.
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -106,7 +106,7 @@ protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpec)

// Check if requested key spec is amongst the valid ones
if ((keySpec != null) &&
DESKeySpec.class.isAssignableFrom(keySpec)) {
keySpec.isAssignableFrom(DESKeySpec.class)) {
return new DESKeySpec(key.getEncoded());

} else {
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -102,7 +102,7 @@ protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpec)
&& (key.getFormat().equalsIgnoreCase("RAW"))) {

// Check if requested key spec is amongst the valid ones
if (DESedeKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(DESedeKeySpec.class)) {
return new DESedeKeySpec(key.getEncoded());

} else {
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -145,15 +145,15 @@ T engineGetKeySpec(Key key, Class<T> keySpec)

if (key instanceof javax.crypto.interfaces.DHPublicKey) {

if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(DHPublicKeySpec.class)) {
javax.crypto.interfaces.DHPublicKey dhPubKey
= (javax.crypto.interfaces.DHPublicKey) key;
params = dhPubKey.getParams();
return keySpec.cast(new DHPublicKeySpec(dhPubKey.getY(),
params.getP(),
params.getG()));

} else if (X509EncodedKeySpec.class.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(X509EncodedKeySpec.class)) {
return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));

} else {
@@ -163,15 +163,15 @@ T engineGetKeySpec(Key key, Class<T> keySpec)

} else if (key instanceof javax.crypto.interfaces.DHPrivateKey) {

if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(DHPrivateKeySpec.class)) {
javax.crypto.interfaces.DHPrivateKey dhPrivKey
= (javax.crypto.interfaces.DHPrivateKey)key;
params = dhPrivKey.getParams();
return keySpec.cast(new DHPrivateKeySpec(dhPrivKey.getX(),
params.getP(),
params.getG()));

} else if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) {
return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));

} else {
@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -148,7 +148,7 @@ T engineGetKeySpec(Key key, Class<T> keySpec)
Class<?> x509KeySpec = Class.forName
("java.security.spec.X509EncodedKeySpec");

if (dsaPubKeySpec.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(dsaPubKeySpec)) {
java.security.interfaces.DSAPublicKey dsaPubKey
= (java.security.interfaces.DSAPublicKey)key;
params = dsaPubKey.getParams();
@@ -157,7 +157,7 @@ T engineGetKeySpec(Key key, Class<T> keySpec)
params.getQ(),
params.getG()));

} else if (x509KeySpec.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(x509KeySpec)) {
return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));

} else {
@@ -173,7 +173,7 @@ T engineGetKeySpec(Key key, Class<T> keySpec)
Class<?> pkcs8KeySpec = Class.forName
("java.security.spec.PKCS8EncodedKeySpec");

if (dsaPrivKeySpec.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(dsaPrivKeySpec)) {
java.security.interfaces.DSAPrivateKey dsaPrivKey
= (java.security.interfaces.DSAPrivateKey)key;
params = dsaPrivKey.getParams();
@@ -182,7 +182,7 @@ T engineGetKeySpec(Key key, Class<T> keySpec)
params.getQ(),
params.getG()));

} else if (pkcs8KeySpec.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(pkcs8KeySpec)) {
return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));

} else {
@@ -389,23 +389,23 @@ protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
}
if (key instanceof RSAPublicKey) {
RSAPublicKey rsaKey = (RSAPublicKey)key;
if (RSA_PUB_KEYSPEC_CLS.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(RSA_PUB_KEYSPEC_CLS)) {
return keySpec.cast(new RSAPublicKeySpec(
rsaKey.getModulus(),
rsaKey.getPublicExponent(),
rsaKey.getParams()
));
} else if (X509_KEYSPEC_CLS.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(X509_KEYSPEC_CLS)) {
return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
} else {
throw new InvalidKeySpecException
("KeySpec must be RSAPublicKeySpec or "
+ "X509EncodedKeySpec for RSA public keys");
}
} else if (key instanceof RSAPrivateKey) {
if (PKCS8_KEYSPEC_CLS.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(PKCS8_KEYSPEC_CLS)) {
return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
} else if (RSA_PRIVCRT_KEYSPEC_CLS.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(RSA_PRIVCRT_KEYSPEC_CLS)) {
if (key instanceof RSAPrivateCrtKey) {
RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey)key;
return keySpec.cast(new RSAPrivateCrtKeySpec(
@@ -423,7 +423,7 @@ protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
throw new InvalidKeySpecException
("RSAPrivateCrtKeySpec can only be used with CRT keys");
}
} else if (RSA_PRIV_KEYSPEC_CLS.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(RSA_PRIV_KEYSPEC_CLS)) {
RSAPrivateKey rsaKey = (RSAPrivateKey)key;
return keySpec.cast(new RSAPrivateKeySpec(
rsaKey.getModulus(),
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -214,7 +214,7 @@ private PrivateKey generatePrivate(BigInteger x, BigInteger p,

<T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
Session[] session) throws PKCS11Exception, InvalidKeySpecException {
if (DHPublicKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(DHPublicKeySpec.class)) {
session[0] = token.getObjSession();
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_VALUE),
@@ -241,7 +241,7 @@ <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,

<T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
Session[] session) throws PKCS11Exception, InvalidKeySpecException {
if (DHPrivateKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(DHPrivateKeySpec.class)) {
session[0] = token.getObjSession();
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_VALUE),
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -210,7 +210,7 @@ private PrivateKey generatePrivate(BigInteger x, BigInteger p,

<T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
Session[] session) throws PKCS11Exception, InvalidKeySpecException {
if (DSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(DSAPublicKeySpec.class)) {
session[0] = token.getObjSession();
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_VALUE),
@@ -239,7 +239,7 @@ <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,

<T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
Session[] session) throws PKCS11Exception, InvalidKeySpecException {
if (DSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(DSAPrivateKeySpec.class)) {
session[0] = token.getObjSession();
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_VALUE),
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2006, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -284,7 +284,7 @@ private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params)

<T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
Session[] session) throws PKCS11Exception, InvalidKeySpecException {
if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(ECPublicKeySpec.class)) {
session[0] = token.getObjSession();
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_EC_POINT),
@@ -315,7 +315,7 @@ <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,

<T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
Session[] session) throws PKCS11Exception, InvalidKeySpecException {
if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(ECPrivateKeySpec.class)) {
session[0] = token.getObjSession();
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_VALUE),
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -73,8 +73,8 @@ protected final <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec
("key and keySpec must not be null");
}
// delegate to our Java based providers for PKCS#8 and X.509
if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)
|| X509EncodedKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)
|| keySpec.isAssignableFrom(X509EncodedKeySpec.class)) {
try {
return implGetSoftwareFactory().getKeySpec(key, keySpec);
} catch (GeneralSecurityException e) {
@@ -252,7 +252,7 @@ private PrivateKey generatePrivate(BigInteger n, BigInteger e,

<T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,
Session[] session) throws PKCS11Exception, InvalidKeySpecException {
if (RSAPublicKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(RSAPublicKeySpec.class)) {
session[0] = token.getObjSession();
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_MODULUS),
@@ -277,7 +277,7 @@ <T extends KeySpec> T implGetPublicKeySpec(P11Key key, Class<T> keySpec,

<T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
Session[] session) throws PKCS11Exception, InvalidKeySpecException {
if (RSAPrivateCrtKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(RSAPrivateCrtKeySpec.class)) {
session[0] = token.getObjSession();
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_MODULUS),
@@ -307,7 +307,7 @@ <T extends KeySpec> T implGetPrivateKeySpec(P11Key key, Class<T> keySpec,
attributes[7].getBigInteger()
);
return keySpec.cast(spec);
} else if (RSAPrivateKeySpec.class.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(RSAPrivateKeySpec.class)) {
session[0] = token.getObjSession();
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_MODULUS),
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -341,19 +341,19 @@ protected KeySpec engineGetKeySpec(SecretKey key, Class<?> keySpec)
throw new InvalidKeySpecException
("key and keySpec must not be null");
}
if (SecretKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(SecretKeySpec.class)) {
return new SecretKeySpec(getKeyBytes(key), algorithm);
} else if (algorithm.equalsIgnoreCase("DES")) {
try {
if (DESKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(DESKeySpec.class)) {
return new DESKeySpec(getKeyBytes(key));
}
} catch (InvalidKeyException e) {
throw new InvalidKeySpecException(e);
}
} else if (algorithm.equalsIgnoreCase("DESede")) {
try {
if (DESedeKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(DESedeKeySpec.class)) {
return new DESedeKeySpec(getKeyBytes(key));
}
} catch (InvalidKeyException e) {
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -256,22 +256,22 @@ protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec)
}
if (key instanceof ECPublicKey) {
ECPublicKey ecKey = (ECPublicKey)key;
if (ECPublicKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(ECPublicKeySpec.class)) {
return keySpec.cast(new ECPublicKeySpec(
ecKey.getW(),
ecKey.getParams()
));
} else if (X509EncodedKeySpec.class.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(X509EncodedKeySpec.class)) {
return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
} else {
throw new InvalidKeySpecException
("KeySpec must be ECPublicKeySpec or "
+ "X509EncodedKeySpec for EC public keys");
}
} else if (key instanceof ECPrivateKey) {
if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec)) {
if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class)) {
return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
} else if (ECPrivateKeySpec.class.isAssignableFrom(keySpec)) {
} else if (keySpec.isAssignableFrom(ECPrivateKeySpec.class)) {
ECPrivateKey ecKey = (ECPrivateKey)key;
return keySpec.cast(new ECPrivateKeySpec(
ecKey.getS(),

0 comments on commit a777e82

Please sign in to comment.