7198901: correct the field size check when decoding a point on ECC curve

Reviewed-by: xuelei

7198901: correct the field size check when decoding a point on ECC curve
Reviewed-by: xuelei
37d3ba0c · vinnie · a8173074 · 37d3ba0c
显示空白变更内容
内联并排

Showing with 4 addition and 2 deletion

src/share/classes/sun/security/ec/ECParameters.java src/share/classes/sun/security/ec/ECParameters.java +4 -2

未找到文件。
--- a/src/share/classes/sun/security/ec/ECParameters.java
+++ b/src/share/classes/sun/security/ec/ECParameters.java
@@ -87,8 +87,10 @@ public final class ECParameters extends AlgorithmParametersSpi {
        if ((data.length == 0) || (data[0] != 4)) {
            throw new IOException("Only uncompressed point format supported");
        }
-        int n = data.length / 2;
+        // Per ANSI X9.62, an encoded point is a 1 byte type followed by
-        if (n > ((curve.getField().getFieldSize() + 7 ) >> 3)) {
+        // ceiling(log base 2 field-size / 8) bytes of x and the same of y.
+        int n = (data.length - 1) / 2;
+        if (n != ((curve.getField().getFieldSize() + 7 ) >> 3)) {
            throw new IOException("Point does not match field size");
        }
        byte[] xb = new byte[n];