mwiede / jsch

fork of the popular jsch library

Parsing malformed RSA key can try to allocate huge amount of memory #563

Open utikeev opened 1 month ago

utikeev commented 1 month ago

The KeyPairRSA.parse method has several similar sections where the DER fields are parsed, e.g.: https://github.com/mwiede/jsch/blob/1021900ef46a660a5e8dbec297df3e4a807346cf/src/main/java/com/jcraft/jsch/KeyPairRSA.java#L237-L246

The length of a field presented in the long form can be up to 2^1008-1 (126 bytes). After this length is read, JSch tries to allocate a byte array of that size without checking that this many bytes can even be read from the stream itself. As the length is an int it can't be bigger than 2^31 - 1, but that's still 2Gb of memory allocated, which might easily lead to an OutOfMemoryError.

Payload to reproduce the problem:

-----BEGIN RSA PRIVATE KEY-----
MIICWgIBAAKEf////w==
-----END RSA PRIVATE KEY-----

utikeev commented 1 month ago

DSA parsing also seems to be affected by this issue.
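
The check the report says is missing, shown as an added example (not JSch's code and not the project's fix): a DER field reader that validates the declared length against the bytes actually remaining before it allocates. The class and method names are hypothetical; the input is the payload from the report, base64-decoded.

```java
import java.util.Base64;

public class BoundedDerRead {
    // Hypothetical helper: reads the value of one DER TLV starting at pos[0]
    // and advances pos[0] past it. Rejects lengths the buffer cannot satisfy.
    static byte[] readValue(byte[] der, int[] pos) {
        int i = pos[0];
        if (der.length - i < 2) {
            throw new IllegalArgumentException("truncated header");
        }
        i++; // skip the tag byte
        int length = der[i++] & 0xff;
        if ((length & 0x80) != 0) { // long form: low 7 bits = number of length bytes
            int n = length & 0x7f;
            if (n == 0 || n > 4 || der.length - i < n) {
                throw new IllegalArgumentException("unsupported or truncated length");
            }
            length = 0;
            for (int k = 0; k < n; k++) {
                length = (length << 8) | (der[i++] & 0xff);
            }
            if (length < 0) {
                throw new IllegalArgumentException("length overflows int");
            }
        }
        int remaining = der.length - i;
        if (length > remaining) { // the bound check, done before any allocation
            throw new IllegalArgumentException(
                "declared length " + length + " exceeds remaining " + remaining);
        }
        byte[] value = new byte[length];
        System.arraycopy(der, i, value, 0, length);
        pos[0] = i + length;
        return value;
    }

    public static void main(String[] args) {
        // Payload from the report: 30 82 02 5A | 02 01 00 | 02 84 7F FF FF FF
        byte[] der = Base64.getDecoder().decode("MIICWgIBAAKEf////w==");
        int[] pos = {4}; // skip the outer SEQUENCE header (tag + 3 length bytes)
        byte[] version = readValue(der, pos);
        System.out.println("version field: " + version.length + " byte(s)");
        try {
            readValue(der, pos); // INTEGER claiming 0x7FFFFFFF bytes, none present
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The second field is rejected because its declared length of 2147483647 exceeds the 0 bytes left in the buffer, so no array of that size is ever requested.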