Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
65d04a83
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
65d04a83
编写于
10月 13, 2011
作者:
V
vinnie
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
7099228: Use a PKCS11 config attribute to control encoding of an EC point
Reviewed-by: valeriep, mullan
上级
d5cc3e61
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
35 addition
and
25 deletion
+35
-25
src/share/classes/sun/security/pkcs11/Config.java
src/share/classes/sun/security/pkcs11/Config.java
+11
-0
src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java
src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java
+13
-7
src/share/classes/sun/security/pkcs11/P11Key.java
src/share/classes/sun/security/pkcs11/P11Key.java
+8
-15
src/share/lib/security/sunpkcs11-solaris.cfg
src/share/lib/security/sunpkcs11-solaris.cfg
+3
-0
test/ProblemList.txt
test/ProblemList.txt
+0
-3
未找到文件。
src/share/classes/sun/security/pkcs11/Config.java
浏览文件 @
65d04a83
...
...
@@ -192,6 +192,11 @@ final class Config {
// works only for NSS providers created via the Secmod API
private
boolean
nssUseSecmodTrust
=
false
;
// Flag to indicate whether the X9.63 encoding for EC points shall be used
// (true) or whether that encoding shall be wrapped in an ASN.1 OctetString
// (false).
private
boolean
useEcX963Encoding
=
false
;
private
Config
(
String
filename
,
InputStream
in
)
throws
IOException
{
if
(
in
==
null
)
{
if
(
filename
.
startsWith
(
"--"
))
{
...
...
@@ -320,6 +325,10 @@ final class Config {
return
nssUseSecmodTrust
;
}
boolean
getUseEcX963Encoding
()
{
return
useEcX963Encoding
;
}
private
static
String
expand
(
final
String
s
)
throws
IOException
{
try
{
return
PropertyExpander
.
expand
(
s
);
...
...
@@ -440,6 +449,8 @@ final class Config {
parseNSSArgs
(
word
);
}
else
if
(
word
.
equals
(
"nssUseSecmodTrust"
))
{
nssUseSecmodTrust
=
parseBooleanEntry
(
word
);
}
else
if
(
word
.
equals
(
"useEcX963Encoding"
))
{
useEcX963Encoding
=
parseBooleanEntry
(
word
);
}
else
{
throw
new
ConfigurationException
(
"Unknown keyword '"
+
word
+
"', line "
+
st
.
lineno
());
...
...
src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java
浏览文件 @
65d04a83
...
...
@@ -203,14 +203,20 @@ final class P11ECKeyFactory extends P11KeyFactory {
private
PublicKey
generatePublic
(
ECPoint
point
,
ECParameterSpec
params
)
throws
PKCS11Exception
{
byte
[]
encodedParams
=
ECParameters
.
encodeParameters
(
params
);
byte
[]
encodedPoint
=
null
;
DerValue
pkECPoint
=
new
DerValue
(
DerValue
.
tag_OctetString
,
ECParameters
.
encodePoint
(
point
,
params
.
getCurve
()));
byte
[]
encodedPoint
=
ECParameters
.
encodePoint
(
point
,
params
.
getCurve
());
try
{
encodedPoint
=
pkECPoint
.
toByteArray
();
}
catch
(
IOException
e
)
{
throw
new
IllegalArgumentException
(
"Could not DER encode point"
,
e
);
// Check whether the X9.63 encoding of an EC point shall be wrapped
// in an ASN.1 OCTET STRING
if
(!
token
.
config
.
getUseEcX963Encoding
())
{
try
{
encodedPoint
=
new
DerValue
(
DerValue
.
tag_OctetString
,
encodedPoint
)
.
toByteArray
();
}
catch
(
IOException
e
)
{
throw
new
IllegalArgumentException
(
"Could not DER encode point"
,
e
);
}
}
CK_ATTRIBUTE
[]
attributes
=
new
CK_ATTRIBUTE
[]
{
...
...
src/share/classes/sun/security/pkcs11/P11Key.java
浏览文件 @
65d04a83
...
...
@@ -1028,28 +1028,21 @@ abstract class P11Key implements Key {
try
{
params
=
P11ECKeyFactory
.
decodeParameters
(
attributes
[
1
].
getByteArray
());
/*
* An uncompressed EC point may be in either of two formats.
* First try the OCTET STRING encoding:
* 04 <length> 04 <X-coordinate> <Y-coordinate>
*
* Otherwise try the raw encoding:
* 04 <X-coordinate> <Y-coordinate>
*/
byte
[]
ecKey
=
attributes
[
0
].
getByteArray
();
try
{
// Check whether the X9.63 encoding of an EC point is wrapped
// in an ASN.1 OCTET STRING
if
(!
token
.
config
.
getUseEcX963Encoding
())
{
DerValue
wECPoint
=
new
DerValue
(
ecKey
);
if
(
wECPoint
.
getTag
()
!=
DerValue
.
tag_OctetString
)
throw
new
IOException
(
"Unexpected tag: "
+
wECPoint
.
getTag
());
if
(
wECPoint
.
getTag
()
!=
DerValue
.
tag_OctetString
)
{
throw
new
IOException
(
"Could not DER decode EC point."
+
" Unexpected tag: "
+
wECPoint
.
getTag
());
}
w
=
P11ECKeyFactory
.
decodePoint
(
wECPoint
.
getDataBytes
(),
params
.
getCurve
());
}
catch
(
IOException
e
)
{
// Failover
}
else
{
w
=
P11ECKeyFactory
.
decodePoint
(
ecKey
,
params
.
getCurve
());
}
...
...
src/share/lib/security/sunpkcs11-solaris.cfg
浏览文件 @
65d04a83
...
...
@@ -11,6 +11,9 @@ library = /usr/lib/$ISA/libpkcs11.so
handleStartupErrors = ignoreAll
# Use the X9.63 encoding for EC points (do not wrap in an ASN.1 OctetString).
useEcX963Encoding = true
attributes = compatibility
disabledMechanisms = {
...
...
test/ProblemList.txt
浏览文件 @
65d04a83
...
...
@@ -517,9 +517,6 @@ sun/security/ssl/sanity/interop/ClientJSSEServerJSSE.java generic-all
# 7079203 sun/security/tools/keytool/printssl.sh fails on solaris with timeout
sun/security/tools/keytool/printssl.sh solaris-all
# 7054637
sun/security/tools/jarsigner/ec.sh solaris-all
# 7081817
sun/security/provider/certpath/X509CertPath/IllegalCertiticates.java generic-all
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录