archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 15:24:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8225745: NoSuchAlgorithmException exception for SHA256withECDSA with RSASSA-PSS support

Browse source 
Fixed SignatureUtil and ECDSA signature impl to handle EC parameters

Reviewed-by: weijun
This commit is contained in:
Valerie Peng 2019-07-11 20:11:47 +00:00
parent 27c77d3d29
commit 175faeeadf
5 changed files with 189 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

19
src/java.base/share/classes/sun/security/util/CurveDB.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -104,21 +104,10 @@ public class CurveDB {
if (namedCurve.getCurve().getField().getFieldSize() != fieldSize) {
continue;
}
if (namedCurve.getCurve().equals(params.getCurve()) == false) {
continue;
if (ECUtil.equals(namedCurve, params)) {
// everything matches our named curve, return it
return namedCurve;
}
if (namedCurve.getGenerator().equals(params.getGenerator()) ==
false) {
continue;
}
if (namedCurve.getOrder().equals(params.getOrder()) == false) {
continue;
}
if (namedCurve.getCofactor() != params.getCofactor()) {
continue;
}
// everything matches our named curve, return it
return namedCurve;
}
// no match found
return null;

19
src/java.base/share/classes/sun/security/util/ECUtil.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2006, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -32,7 +32,7 @@ import java.security.interfaces.*;
import java.security.spec.*;
import java.util.Arrays;
public class ECUtil {
public final class ECUtil {
// Used by SunPKCS11 and SunJSSE.
public static ECPoint decodePoint(byte[] data, EllipticCurve curve)
@ -220,6 +220,21 @@ public class ECUtil {
return nameSpec.getName();
}
public static boolean equals(ECParameterSpec spec1, ECParameterSpec spec2) {
if (spec1 == spec2) {
return true;
}
if (spec1 == null || spec2 == null) {
return false;
}
return (spec1.getCofactor() == spec2.getCofactor() &&
spec1.getOrder().equals(spec2.getOrder()) &&
spec1.getCurve().equals(spec2.getCurve()) &&
spec1.getGenerator().equals(spec2.getGenerator()));
}
// Convert the concatenation R and S in into their DER encoding
public static byte[] encodeSignature(byte[] signature) throws SignatureException {

47
src/java.base/share/classes/sun/security/util/SignatureUtil.java
View file

@ -28,6 +28,7 @@ package sun.security.util;
import java.io.IOException;
import java.security.*;
import java.security.spec.*;
import java.util.Locale;
import sun.security.rsa.RSAUtil;
import jdk.internal.access.SharedSecrets;
@ -74,14 +75,9 @@ public class SignatureUtil {
AlgorithmParameters params)
throws ProviderException {
sigName = checkName(sigName);
sigName = checkName(sigName).toUpperCase(Locale.ENGLISH);
AlgorithmParameterSpec paramSpec = null;
if (params != null) {
if (sigName.toUpperCase().indexOf("RSA") == -1) {
throw new ProviderException
("Unrecognized algorithm for signature parameters " +
sigName);
}
// AlgorithmParameters.getAlgorithm() may returns oid if it's
// created during DER decoding. Convert to use the standard name
// before passing it to RSAUtil
@ -93,7 +89,20 @@ public class SignatureUtil {
throw new ProviderException(e);
}
}
paramSpec = RSAUtil.getParamSpec(params);
if (sigName.indexOf("RSA") != -1) {
paramSpec = RSAUtil.getParamSpec(params);
} else if (sigName.indexOf("ECDSA") != -1) {
try {
paramSpec = params.getParameterSpec(ECParameterSpec.class);
} catch (Exception e) {
throw new ProviderException("Error handling EC parameters", e);
}
} else {
throw new ProviderException
("Unrecognized algorithm for signature parameters " +
sigName);
}
}
return paramSpec;
}
@ -103,17 +112,31 @@ public class SignatureUtil {
public static AlgorithmParameterSpec getParamSpec(String sigName,
byte[] paramBytes)
throws ProviderException {
sigName = checkName(sigName);
sigName = checkName(sigName).toUpperCase(Locale.ENGLISH);
AlgorithmParameterSpec paramSpec = null;
if (paramBytes != null) {
if (sigName.toUpperCase().indexOf("RSA") == -1) {
if (sigName.indexOf("RSA") != -1) {
AlgorithmParameters params =
createAlgorithmParameters(sigName, paramBytes);
paramSpec = RSAUtil.getParamSpec(params);
} else if (sigName.indexOf("ECDSA") != -1) {
try {
Provider p = Signature.getInstance(sigName).getProvider();
paramSpec = ECUtil.getECParameterSpec(p, paramBytes);
} catch (Exception e) {
throw new ProviderException("Error handling EC parameters", e);
}
// ECUtil discards exception and returns null, so we need to check
// the returned value
if (paramSpec == null) {
throw new ProviderException("Error handling EC parameters");
}
} else {
throw new ProviderException
("Unrecognized algorithm for signature parameters " +
sigName);
}
AlgorithmParameters params =
createAlgorithmParameters(sigName, paramBytes);
paramSpec = RSAUtil.getParamSpec(params);
}
return paramSpec;
}