Closed
Bug 144934
Opened 22 years ago
Closed 22 years ago
generating DSA public key from spec is broken
Categories
(JSS Graveyard :: Library, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
3.2
People
(Reporter: jamie-bugzilla, Assigned: jamie-bugzilla)
Details
org/mozilla/jss/provider/java/security/JSSKeyFactory1_2.engineGeneratePublic is
broken in the DSA case. We are creating a DSA public key using only the "Y"
public value. This is insufficient because signature verification, for example,
also requires the PQG parameters. The DSAPublicKeySpec actually contains PQG,
but we aren't using them.
I think the bug may actually be in PK11PubKey.fromRaw(), which purports to
create a DSA public key just from its public value but in fact the thing it
creates is useless. But a fix/workaround is to take P,Q,G, and Y out of the DSA
PublicKey spec and build a SubjectPublicKeyInfo out of them, and then pass that
to PK11PubKey.fromSPKI.
Assignee | ||
Comment 1•22 years ago
|
||
Fixed and checked into the trunk.
1) KeyFactory now constructs a SubjectPublicKeyInfo and imports that instead of
just the DSA public value.
2) PK11PubKey.fromRaw() has been deprecated because it only works for RSA keys.
/cvsroot/mozilla/security/jss/org/mozilla/jss/pkcs11/PK11PubKey.java,v <--
PK11PubKey.java
new revision: 1.5; previous revision: 1.4
/cvsroot/mozilla/security/jss/org/mozilla/jss/provider/java/security/KeyFactorySpi1_2.java,v
<-- KeyFactorySpi1_2.java
new revision: 1.2; previous revision: 1.1
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.2
You need to log in
before you can comment on or make changes to this bug.
Description
•