JDK-7050158 : Cipher in plain RSA signing treats private keys as public
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 7-pool
  • Priority: P3
  • Status: Resolved
  • Resolution: Not an Issue
  • OS: windows
  • CPU: x86
  • Submitted: 2011-05-31
  • Updated: 2016-05-18
  • Resolved: 2016-05-18
JDK 6: 6-pool (Resolved)
Description
Consider the following code snippet:

Cipher rsa = Cipher.getInstance("RSA","SunMSCAPI");
rsa.init(Cipher.ENCRYPT_MODE, privateKey);

The resulting Cipher is the same as if a corresponding publicKey was provided.

In the CU's opinion, using the Cipher API for encryption with a private key is not a common case, but it is not a misuse of the API. The SunJCE provider supports such a scenario.
The PKCS #7 signed-data specification describes encryption with the private key;
see http://www.ietf.org/rfc/rfc2315.txt

The request is to initialize Ciphers with the private key if a private key is provided, in the case of SunMSCAPI encryption.
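
A provider check for the behaviour described in this report, as an added example that is not part of the original report or of the JDK: it encrypts twice with the private key and then decrypts with the public key, so a provider that silently substitutes the public key fails both signals. The class name, method names and sample input are hypothetical; the example runs against SunJCE, and checking SunMSCAPI assumes a Windows JDK with the key pair generated by that provider.

```java
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.Arrays;
import javax.crypto.Cipher;

public class PrivateKeyEncryptCheck {          // hypothetical name

    // Cipher.ENCRYPT_MODE with the given key, same transformation as the report.
    static byte[] encrypt(String provider, Key key, byte[] in) throws Exception {
        Cipher rsa = Cipher.getInstance("RSA", provider);
        rsa.init(Cipher.ENCRYPT_MODE, key);
        return rsa.doFinal(in);
    }

    // True when ENCRYPT_MODE with a private key really used the private key.
    static boolean honoursPrivateKey(String provider, KeyPair kp) throws Exception {
        byte[] msg = "constructed sample input".getBytes(StandardCharsets.UTF_8);
        byte[] c1 = encrypt(provider, kp.getPrivate(), msg);
        byte[] c2 = encrypt(provider, kp.getPrivate(), msg);

        // Signal 1: the private-key operation uses PKCS #1 block type 01, whose
        // padding is fixed, so the output repeats. Public-key encryption uses
        // block type 02 with random padding, so the output differs each time.
        boolean deterministic = Arrays.equals(c1, c2);

        // Signal 2: only a block produced with the private key is recovered by
        // the public key. Any provider error counts as a failed check.
        boolean roundTrip;
        try {
            Cipher dec = Cipher.getInstance("RSA", provider);
            dec.init(Cipher.DECRYPT_MODE, kp.getPublic());
            roundTrip = Arrays.equals(msg, dec.doFinal(c1));
        } catch (Exception e) {
            roundTrip = false;
        }
        return deterministic && roundTrip;
    }

    public static void main(String[] args) throws Exception {
        // Software key pair for SunJCE. For SunMSCAPI (assumption: Windows JDK),
        // use KeyPairGenerator.getInstance("RSA", "SunMSCAPI") instead.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        System.out.println("SunJCE honours private key: " + honoursPrivateKey("SunJCE", kp));
    }
}
```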