From f9bab57cd51d16308dc971c2d61117a374f1e08b Mon Sep 17 00:00:00 2001 From: vinnie Date: Thu, 10 Mar 2011 18:21:24 +0000 Subject: [PATCH] 7016078: javax.net.ssl.SSLException: Received fatal alert: internal_error starting JDK 7 b126 Reviewed-by: valeriep --- .../classes/sun/security/pkcs11/P11Key.java | 32 ++++++++++++++----- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/src/share/classes/sun/security/pkcs11/P11Key.java b/src/share/classes/sun/security/pkcs11/P11Key.java index b54d0d3c1..56c40a975 100644 --- a/src/share/classes/sun/security/pkcs11/P11Key.java +++ b/src/share/classes/sun/security/pkcs11/P11Key.java @@ -999,18 +999,34 @@ abstract class P11Key implements Key { new CK_ATTRIBUTE(CKA_EC_PARAMS), }; fetchAttributes(attributes); + try { params = P11ECKeyFactory.decodeParameters (attributes[1].getByteArray()); - DerValue wECPoint = new DerValue(attributes[0].getByteArray()); - if (wECPoint.getTag() != DerValue.tag_OctetString) - throw new IOException("Unexpected tag: " + - wECPoint.getTag()); - params = P11ECKeyFactory.decodeParameters - (attributes[1].getByteArray()); - w = P11ECKeyFactory.decodePoint - (wECPoint.getDataBytes(), params.getCurve()); + /* + * An uncompressed EC point may be in either of two formats. + * First try the OCTET STRING encoding: + * 04 04 + * + * Otherwise try the raw encoding: + * 04 + */ + byte[] ecKey = attributes[0].getByteArray(); + + try { + DerValue wECPoint = new DerValue(ecKey); + if (wECPoint.getTag() != DerValue.tag_OctetString) + throw new IOException("Unexpected tag: " + + wECPoint.getTag()); + + w = P11ECKeyFactory.decodePoint + (wECPoint.getDataBytes(), params.getCurve()); + + } catch (IOException e) { + // Failover + w = P11ECKeyFactory.decodePoint(ecKey, params.getCurve()); + } } catch (Exception e) { throw new RuntimeException("Could not parse key values", e); -- GitLab