changeset 1739:29f71e03036a
8174756: Extra validation for public keys
Reviewed-by: valeriep
author | igerasim |
---|---|
date | Wed, 05 Jul 2017 13:03:31 -0700 |
parents | 39ff3e76325e |
children | b2f1356933bc |
files | src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java |
diffstat | 1 files changed, 15 insertions(+), 0 deletions(-) [+] |
--- a/src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java Wed May 24 19:57:48 2017 -0700
+++ b/src/share/classes/sun/security/rsa/RSAPublicKeyImpl.java Wed Jul 05 13:03:31 2017 -0700
@@ -48,6 +48,7 @@
 public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey {
 private static final long serialVersionUID = 2644735423591199609L;
+ private static final BigInteger THREE = BigInteger.valueOf(3);
 private BigInteger n; // modulus
 private BigInteger e; // public exponent
@@ -61,6 +62,7 @@
 this.n = n;
 this.e = e;
 RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e);
+ checkExponentRange();
 // generate the encoding
 algid = RSAPrivateCrtKeyImpl.rsaId;
 try {
@@ -82,6 +84,19 @@
 public RSAPublicKeyImpl(byte[] encoded) throws InvalidKeyException {
 decode(encoded);
 RSAKeyFactory.checkRSAProviderKeyLengths(n.bitLength(), e);
+ checkExponentRange();
+ }
+
+ private void checkExponentRange() throws InvalidKeyException {
+ // the exponent should be smaller than the modulus
+ if (e.compareTo(n) >= 0) {
+ throw new InvalidKeyException("exponent is larger than modulus");
+ }
+
+ // the exponent should be at least 3
+ if (e.compareTo(THREE) < 0) {
+ throw new InvalidKeyException("exponent is smaller than 3");
+ }
 }
 // see JCA doc
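Review bot: checkExponentRange(), added in the third hunk, bounds the exponent to 3 <= e < n but still accepts even values, and an even exponent can never be a valid RSA public exponent because it cannot be coprime to the even φ(n) of a modulus built from odd primes. If compatibility with keys already in use allows, a parity check belongs next to the range checks, for example `if (!e.testBit(0)) { throw new InvalidKeyException("exponent is even"); }`. Separately, the first branch also fires when e equals n, so its message would be more accurate as `"exponent is not smaller than modulus"`. The call is wired into the two constructors touched here, whose bodies extend beyond the hunks; whether other paths that assign n and e (such as deserialization) reach the check cannot be told from this diff and is worth confirming.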