Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
e7c56a5f
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
e7c56a5f
编写于
6月 17, 2019
作者:
A
andrew
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8182999: SunEC throws ProviderException on invalid curves
Reviewed-by: vinnie
上级
cb09b0d7
变更
5
显示空白变更内容
内联
并排
Showing
5 changed file
with
152 addition
and
6 deletion
+152
-6
make/mapfiles/libsunec/mapfile-vers
make/mapfiles/libsunec/mapfile-vers
+2
-1
src/share/classes/sun/security/ec/ECKeyPairGenerator.java
src/share/classes/sun/security/ec/ECKeyPairGenerator.java
+44
-4
src/share/classes/sun/security/util/ECUtil.java
src/share/classes/sun/security/util/ECUtil.java
+1
-1
src/share/native/sun/security/ec/ECC_JNI.cpp
src/share/native/sun/security/ec/ECC_JNI.cpp
+44
-0
test/sun/security/ec/InvalidCurve.java
test/sun/security/ec/InvalidCurve.java
+61
-0
未找到文件。
make/mapfiles/libsunec/mapfile-vers
浏览文件 @
e7c56a5f
#
#
# Copyright (c) 2009, 201
4
, Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2009, 201
7
, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
#
# This code is free software; you can redistribute it and/or modify it
# This code is free software; you can redistribute it and/or modify it
...
@@ -27,6 +27,7 @@
...
@@ -27,6 +27,7 @@
SUNWprivate_1.1 {
SUNWprivate_1.1 {
global:
global:
Java_sun_security_ec_ECKeyPairGenerator_isCurveSupported;
Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair;
Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair;
Java_sun_security_ec_ECDSASignature_signDigest;
Java_sun_security_ec_ECDSASignature_signDigest;
Java_sun_security_ec_ECDSASignature_verifySignedDigest;
Java_sun_security_ec_ECDSASignature_verifySignedDigest;
...
...
src/share/classes/sun/security/ec/ECKeyPairGenerator.java
浏览文件 @
e7c56a5f
...
@@ -25,12 +25,14 @@
...
@@ -25,12 +25,14 @@
package
sun.security.ec
;
package
sun.security.ec
;
import
java.io.IOException
;
import
java.math.BigInteger
;
import
java.math.BigInteger
;
import
java.security.*
;
import
java.security.*
;
import
java.security.spec.AlgorithmParameterSpec
;
import
java.security.spec.AlgorithmParameterSpec
;
import
java.security.spec.ECGenParameterSpec
;
import
java.security.spec.ECGenParameterSpec
;
import
java.security.spec.ECParameterSpec
;
import
java.security.spec.ECParameterSpec
;
import
java.security.spec.ECPoint
;
import
java.security.spec.ECPoint
;
import
java.security.spec.InvalidParameterSpecException
;
import
sun.security.ec.NamedCurve
;
import
sun.security.ec.NamedCurve
;
import
sun.security.ec.ECParameters
;
import
sun.security.ec.ECParameters
;
...
@@ -86,17 +88,19 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
...
@@ -86,17 +88,19 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
public
void
initialize
(
AlgorithmParameterSpec
params
,
SecureRandom
random
)
public
void
initialize
(
AlgorithmParameterSpec
params
,
SecureRandom
random
)
throws
InvalidAlgorithmParameterException
{
throws
InvalidAlgorithmParameterException
{
ECParameterSpec
ecSpec
=
null
;
if
(
params
instanceof
ECParameterSpec
)
{
if
(
params
instanceof
ECParameterSpec
)
{
this
.
params
=
ECUtil
.
getECParameterSpec
(
null
,
ecSpec
=
ECUtil
.
getECParameterSpec
(
null
,
(
ECParameterSpec
)
params
);
(
ECParameterSpec
)
params
);
if
(
this
.
params
==
null
)
{
if
(
ecSpec
==
null
)
{
throw
new
InvalidAlgorithmParameterException
(
throw
new
InvalidAlgorithmParameterException
(
"Unsupported curve: "
+
params
);
"Unsupported curve: "
+
params
);
}
}
}
else
if
(
params
instanceof
ECGenParameterSpec
)
{
}
else
if
(
params
instanceof
ECGenParameterSpec
)
{
String
name
=
((
ECGenParameterSpec
)
params
).
getName
();
String
name
=
((
ECGenParameterSpec
)
params
).
getName
();
this
.
params
=
ECUtil
.
getECParameterSpec
(
null
,
name
);
ecSpec
=
ECUtil
.
getECParameterSpec
(
null
,
name
);
if
(
this
.
params
==
null
)
{
if
(
ecSpec
==
null
)
{
throw
new
InvalidAlgorithmParameterException
(
throw
new
InvalidAlgorithmParameterException
(
"Unknown curve name: "
+
name
);
"Unknown curve name: "
+
name
);
}
}
...
@@ -104,11 +108,36 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
...
@@ -104,11 +108,36 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
throw
new
InvalidAlgorithmParameterException
(
throw
new
InvalidAlgorithmParameterException
(
"ECParameterSpec or ECGenParameterSpec required for EC"
);
"ECParameterSpec or ECGenParameterSpec required for EC"
);
}
}
// Not all known curves are supported by the native implementation
ensureCurveIsSupported
(
ecSpec
);
this
.
params
=
ecSpec
;
this
.
keySize
=
this
.
keySize
=
((
ECParameterSpec
)
this
.
params
).
getCurve
().
getField
().
getFieldSize
();
((
ECParameterSpec
)
this
.
params
).
getCurve
().
getField
().
getFieldSize
();
this
.
random
=
random
;
this
.
random
=
random
;
}
}
private
static
void
ensureCurveIsSupported
(
ECParameterSpec
ecSpec
)
throws
InvalidAlgorithmParameterException
{
AlgorithmParameters
ecParams
=
ECUtil
.
getECParameters
(
null
);
byte
[]
encodedParams
;
try
{
ecParams
.
init
(
ecSpec
);
encodedParams
=
ecParams
.
getEncoded
();
}
catch
(
InvalidParameterSpecException
ex
)
{
throw
new
InvalidAlgorithmParameterException
(
"Unsupported curve: "
+
ecSpec
.
toString
());
}
catch
(
IOException
ex
)
{
throw
new
RuntimeException
(
ex
);
}
if
(!
isCurveSupported
(
encodedParams
))
{
throw
new
InvalidAlgorithmParameterException
(
"Unsupported curve: "
+
ecParams
.
toString
());
}
}
// generate the keypair. See JCA doc
// generate the keypair. See JCA doc
@Override
@Override
public
KeyPair
generateKeyPair
()
{
public
KeyPair
generateKeyPair
()
{
...
@@ -160,6 +189,17 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
...
@@ -160,6 +189,17 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
this
.
keySize
=
keySize
;
this
.
keySize
=
keySize
;
}
}
/**
* Checks whether the curve in the encoded parameters is supported by the
* native implementation.
*
* @param encodedParams encoded parameters in the same form accepted
* by generateECKeyPair
* @return true if and only if generateECKeyPair will succeed for
* the supplied parameters
*/
private
static
native
boolean
isCurveSupported
(
byte
[]
encodedParams
);
/*
/*
* Generates the keypair and returns a 2-element array of encoding bytes.
* Generates the keypair and returns a 2-element array of encoding bytes.
* The first one is for the private key, the second for the public key.
* The first one is for the private key, the second for the public key.
...
...
src/share/classes/sun/security/util/ECUtil.java
浏览文件 @
e7c56a5f
...
@@ -89,7 +89,7 @@ public class ECUtil {
...
@@ -89,7 +89,7 @@ public class ECUtil {
return
Arrays
.
copyOfRange
(
b
,
i
,
b
.
length
);
return
Arrays
.
copyOfRange
(
b
,
i
,
b
.
length
);
}
}
p
rivate
static
AlgorithmParameters
getECParameters
(
Provider
p
)
{
p
ublic
static
AlgorithmParameters
getECParameters
(
Provider
p
)
{
try
{
try
{
if
(
p
!=
null
)
{
if
(
p
!=
null
)
{
return
AlgorithmParameters
.
getInstance
(
"EC"
,
p
);
return
AlgorithmParameters
.
getInstance
(
"EC"
,
p
);
...
...
src/share/native/sun/security/ec/ECC_JNI.cpp
浏览文件 @
e7c56a5f
...
@@ -82,6 +82,50 @@ jbyteArray getEncodedBytes(JNIEnv *env, SECItem *hSECItem)
...
@@ -82,6 +82,50 @@ jbyteArray getEncodedBytes(JNIEnv *env, SECItem *hSECItem)
return
jEncodedBytes
;
return
jEncodedBytes
;
}
}
/*
* Class: sun_security_ec_ECKeyPairGenerator
* Method: isCurveSupported
* Signature: ([B)Z
*/
JNIEXPORT
jboolean
JNICALL
Java_sun_security_ec_ECKeyPairGenerator_isCurveSupported
(
JNIEnv
*
env
,
jclass
clazz
,
jbyteArray
encodedParams
)
{
SECKEYECParams
params_item
;
ECParams
*
ecparams
=
NULL
;
jboolean
result
=
JNI_FALSE
;
// The curve is supported if we can get parameters for it
params_item
.
len
=
env
->
GetArrayLength
(
encodedParams
);
params_item
.
data
=
(
unsigned
char
*
)
env
->
GetByteArrayElements
(
encodedParams
,
0
);
if
(
params_item
.
data
==
NULL
)
{
goto
cleanup
;
}
// Fill a new ECParams using the supplied OID
if
(
EC_DecodeParams
(
&
params_item
,
&
ecparams
,
0
)
!=
SECSuccess
)
{
/* bad curve OID */
goto
cleanup
;
}
// If we make it to here, then the curve is supported
result
=
JNI_TRUE
;
cleanup:
{
if
(
params_item
.
data
)
{
env
->
ReleaseByteArrayElements
(
encodedParams
,
(
jbyte
*
)
params_item
.
data
,
JNI_ABORT
);
}
if
(
ecparams
)
{
FreeECParams
(
ecparams
,
true
);
}
}
return
result
;
}
/*
/*
* Class: sun_security_ec_ECKeyPairGenerator
* Class: sun_security_ec_ECKeyPairGenerator
* Method: generateECKeyPair
* Method: generateECKeyPair
...
...
test/sun/security/ec/InvalidCurve.java
0 → 100644
浏览文件 @
e7c56a5f
/*
* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8182999
* @summary Ensure that SunEC behaves correctly for unsupported curves.
* @run main InvalidCurve
*/
import
java.security.*
;
import
java.security.spec.*
;
import
java.math.*
;
public
class
InvalidCurve
{
public
static
void
main
(
String
[]
args
)
{
KeyPairGenerator
keyGen
;
try
{
keyGen
=
KeyPairGenerator
.
getInstance
(
"EC"
,
"SunEC"
);
ECGenParameterSpec
brainpoolSpec
=
new
ECGenParameterSpec
(
"brainpoolP256r1"
);
keyGen
.
initialize
(
brainpoolSpec
);
}
catch
(
InvalidAlgorithmParameterException
ex
)
{
System
.
out
.
println
(
ex
.
getMessage
());
// this is expected
return
;
}
catch
(
NoSuchAlgorithmException
|
NoSuchProviderException
ex
)
{
throw
new
RuntimeException
(
ex
);
}
keyGen
.
generateKeyPair
();
// If we make it to here, then the test is not working correctly.
throw
new
RuntimeException
(
"The expected exception was not thrown."
);
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录