Skip to content

Commit d680e26

Browse files
keithc-cakeithc-ca
authored
Merge pull request #135 from pshipton/0.33upd
(0.33) Fix race condition when creating the native pointer for an EC key, and FIPS updates
2 parents a5d03ce + c4f6b76 commit d680e26

File tree

3 files changed

+1084
-26
lines changed

3 files changed

+1084
-26
lines changed

src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java

+14-13
Original file line numberDiff line numberDiff line change
@@ -229,9 +229,9 @@ boolean isECFieldF2m() {
229229
* @return the native EC public key context pointer or -1 on error
230230
*/
231231
long getNativePtr() {
232-
if (nativeECKey == 0x0) {
232+
if (this.nativeECKey == 0x0) {
233233
synchronized (this) {
234-
if (nativeECKey == 0x0) {
234+
if (this.nativeECKey == 0x0) {
235235
ECPoint generator = this.params.getGenerator();
236236
EllipticCurve curve = this.params.getCurve();
237237
ECField field = curve.getField();
@@ -241,26 +241,27 @@ long getNativePtr() {
241241
byte[] gy = generator.getAffineY().toByteArray();
242242
byte[] n = this.params.getOrder().toByteArray();
243243
byte[] h = BigInteger.valueOf(this.params.getCofactor()).toByteArray();
244-
byte[] p = new byte[0];
244+
long nativePointer;
245245
if (field instanceof ECFieldFp) {
246-
p = ((ECFieldFp)field).getP().toByteArray();
247-
nativeECKey = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length);
246+
byte[] p = ((ECFieldFp)field).getP().toByteArray();
247+
nativePointer = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length);
248248
} else if (field instanceof ECFieldF2m) {
249-
p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray();
250-
nativeECKey = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length);
249+
byte[] p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray();
250+
nativePointer = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length);
251251
} else {
252-
nativeECKey = -1;
252+
nativePointer = -1;
253253
}
254-
if (nativeECKey != -1) {
255-
nativeCrypto.createECKeyCleaner(this, nativeECKey);
254+
if (nativePointer != -1) {
255+
nativeCrypto.createECKeyCleaner(this, nativePointer);
256256
byte[] value = this.getS().toByteArray();
257-
if (nativeCrypto.ECCreatePrivateKey(nativeECKey, value, value.length) == -1) {
258-
nativeECKey = -1;
257+
if (nativeCrypto.ECCreatePrivateKey(nativePointer, value, value.length) == -1) {
258+
nativePointer = -1;
259259
}
260260
}
261+
this.nativeECKey = nativePointer;
261262
}
262263
}
263264
}
264-
return nativeECKey;
265+
return this.nativeECKey;
265266
}
266267
}

src/jdk.crypto.ec/share/classes/sun/security/ec/ECPublicKeyImpl.java

+14-13
Original file line numberDiff line numberDiff line change
@@ -153,9 +153,9 @@ boolean isECFieldF2m() {
153153
* @return the native EC public key context pointer or -1 on error
154154
*/
155155
long getNativePtr() {
156-
if (nativeECKey == 0x0) {
156+
if (this.nativeECKey == 0x0) {
157157
synchronized (this) {
158-
if (nativeECKey == 0x0) {
158+
if (this.nativeECKey == 0x0) {
159159
ECPoint generator = this.params.getGenerator();
160160
EllipticCurve curve = this.params.getCurve();
161161
ECField field = curve.getField();
@@ -165,29 +165,30 @@ long getNativePtr() {
165165
byte[] gy = generator.getAffineY().toByteArray();
166166
byte[] n = this.params.getOrder().toByteArray();
167167
byte[] h = BigInteger.valueOf(this.params.getCofactor()).toByteArray();
168-
byte[] p = new byte[0];
168+
long nativePointer;
169169
int fieldType = 0;
170170
if (field instanceof ECFieldFp) {
171-
p = ((ECFieldFp)field).getP().toByteArray();
172-
nativeECKey = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length);
171+
byte[] p = ((ECFieldFp)field).getP().toByteArray();
172+
nativePointer = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length);
173173
} else if (field instanceof ECFieldF2m) {
174174
fieldType = 1;
175-
p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray();
176-
nativeECKey = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length);
175+
byte[] p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray();
176+
nativePointer = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length);
177177
} else {
178-
nativeECKey = -1;
178+
nativePointer = -1;
179179
}
180-
if (nativeECKey != -1) {
181-
nativeCrypto.createECKeyCleaner(this, nativeECKey);
180+
if (nativePointer != -1) {
181+
nativeCrypto.createECKeyCleaner(this, nativePointer);
182182
byte[] x = this.w.getAffineX().toByteArray();
183183
byte[] y = this.w.getAffineY().toByteArray();
184-
if (nativeCrypto.ECCreatePublicKey(nativeECKey, x, x.length, y, y.length, fieldType) == -1) {
185-
nativeECKey = -1;
184+
if (nativeCrypto.ECCreatePublicKey(nativePointer, x, x.length, y, y.length, fieldType) == -1) {
185+
nativePointer = -1;
186186
}
187187
}
188+
this.nativeECKey = nativePointer;
188189
}
189190
}
190191
}
191-
return nativeECKey;
192+
return this.nativeECKey;
192193
}
193194
}

0 commit comments

Comments
 (0)