archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 15:24:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8297065: DerOutputStream operations should not throw IOExceptions

Browse source 
Reviewed-by: mullan, valeriep
This commit is contained in:
Weijun Wang 2022-11-29 12:57:46 +00:00
parent d83a07b72c
commit 2deb318c9f
109 changed files with 725 additions and 1112 deletions
Download patch file Download diff file Expand all files Collapse all files

79
src/java.base/share/classes/sun/security/rsa/RSAPrivateCrtKeyImpl.java
View file

@ -199,49 +199,44 @@ public final class RSAPrivateCrtKeyImpl
this.type = type;
this.keyParams = keyParams;
try {
byte[][] nbytes = new byte[8][];
nbytes[0] = n.toByteArray();
nbytes[1] = e.toByteArray();
nbytes[2] = d.toByteArray();
nbytes[3] = p.toByteArray();
nbytes[4] = q.toByteArray();
nbytes[5] = pe.toByteArray();
nbytes[6] = qe.toByteArray();
nbytes[7] = coeff.toByteArray();
byte[][] nbytes = new byte[8][];
nbytes[0] = n.toByteArray();
nbytes[1] = e.toByteArray();
nbytes[2] = d.toByteArray();
nbytes[3] = p.toByteArray();
nbytes[4] = q.toByteArray();
nbytes[5] = pe.toByteArray();
nbytes[6] = qe.toByteArray();
nbytes[7] = coeff.toByteArray();
// Initiate with a big enough size so there's no need to
// reallocate memory later and thus can be cleaned up
// reliably.
DerOutputStream out = new DerOutputStream(
nbytes[0].length + nbytes[1].length +
nbytes[2].length + nbytes[3].length +
nbytes[4].length + nbytes[5].length +
nbytes[6].length + nbytes[7].length +
100); // Enough for version(3) and 8 tag+length(3 or 4)
out.putInteger(0); // version must be 0
out.putInteger(nbytes[0]);
out.putInteger(nbytes[1]);
out.putInteger(nbytes[2]);
out.putInteger(nbytes[3]);
out.putInteger(nbytes[4]);
out.putInteger(nbytes[5]);
out.putInteger(nbytes[6]);
out.putInteger(nbytes[7]);
// Private values from [2] on.
Arrays.fill(nbytes[2], (byte)0);
Arrays.fill(nbytes[3], (byte)0);
Arrays.fill(nbytes[4], (byte)0);
Arrays.fill(nbytes[5], (byte)0);
Arrays.fill(nbytes[6], (byte)0);
Arrays.fill(nbytes[7], (byte)0);
DerValue val = DerValue.wrap(DerValue.tag_Sequence, out);
key = val.toByteArray();
val.clear();
} catch (IOException exc) {
// should never occur
throw new InvalidKeyException(exc);
}
// Initiate with a big enough size so there's no need to
// reallocate memory later and thus can be cleaned up
// reliably.
DerOutputStream out = new DerOutputStream(
nbytes[0].length + nbytes[1].length +
nbytes[2].length + nbytes[3].length +
nbytes[4].length + nbytes[5].length +
nbytes[6].length + nbytes[7].length +
100); // Enough for version(3) and 8 tag+length(3 or 4)
out.putInteger(0); // version must be 0
out.putInteger(nbytes[0]);
out.putInteger(nbytes[1]);
out.putInteger(nbytes[2]);
out.putInteger(nbytes[3]);
out.putInteger(nbytes[4]);
out.putInteger(nbytes[5]);
out.putInteger(nbytes[6]);
out.putInteger(nbytes[7]);
// Private values from [2] on.
Arrays.fill(nbytes[2], (byte) 0);
Arrays.fill(nbytes[3], (byte) 0);
Arrays.fill(nbytes[4], (byte) 0);
Arrays.fill(nbytes[5], (byte) 0);
Arrays.fill(nbytes[6], (byte) 0);
Arrays.fill(nbytes[7], (byte) 0);
DerValue val = DerValue.wrap(DerValue.tag_Sequence, out);
key = val.toByteArray();
val.clear();
}
// see JCA doc

48
src/java.base/share/classes/sun/security/rsa/RSAPrivateKeyImpl.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,7 +25,6 @@
package sun.security.rsa;
import java.io.IOException;
import java.math.BigInteger;
import java.security.*;
@ -89,31 +88,26 @@ public final class RSAPrivateKeyImpl extends PKCS8Key implements RSAPrivateKey {
this.type = type;
this.keyParams = keyParams;
try {
// generate the key encoding
byte[] nbytes = n.toByteArray();
byte[] dbytes = d.toByteArray();
DerOutputStream out = new DerOutputStream(
nbytes.length + dbytes.length + 50);
// Enough for 7 zeroes (21) and 2 tag+length(4)
out.putInteger(0); // version must be 0
out.putInteger(nbytes);
Arrays.fill(nbytes, (byte)0);
out.putInteger(0);
out.putInteger(dbytes);
Arrays.fill(dbytes, (byte)0);
out.putInteger(0);
out.putInteger(0);
out.putInteger(0);
out.putInteger(0);
out.putInteger(0);
DerValue val = DerValue.wrap(DerValue.tag_Sequence, out);
key = val.toByteArray();
val.clear();
} catch (IOException exc) {
// should never occur
throw new InvalidKeyException(exc);
}
// generate the key encoding
byte[] nbytes = n.toByteArray();
byte[] dbytes = d.toByteArray();
DerOutputStream out = new DerOutputStream(
nbytes.length + dbytes.length + 50);
// Enough for 7 zeroes (21) and 2 tag+length(4)
out.putInteger(0); // version must be 0
out.putInteger(nbytes);
Arrays.fill(nbytes, (byte) 0);
out.putInteger(0);
out.putInteger(dbytes);
Arrays.fill(dbytes, (byte) 0);
out.putInteger(0);
out.putInteger(0);
out.putInteger(0);
out.putInteger(0);
out.putInteger(0);
DerValue val = DerValue.wrap(DerValue.tag_Sequence, out);
key = val.toByteArray();
val.clear();
}
// see JCA doc

19
src/java.base/share/classes/sun/security/rsa/RSAPublicKeyImpl.java
View file

@ -126,19 +126,14 @@ public final class RSAPublicKeyImpl extends X509Key implements RSAPublicKey {
this.type = type;
this.keyParams = keyParams;
try {
// generate the key encoding
DerOutputStream out = new DerOutputStream();
out.putInteger(n);
out.putInteger(e);
byte[] keyArray =
// generate the key encoding
DerOutputStream out = new DerOutputStream();
out.putInteger(n);
out.putInteger(e);
byte[] keyArray =
new DerValue(DerValue.tag_Sequence,
out.toByteArray()).toByteArray();
setKey(new BitArray(keyArray.length*8, keyArray));
} catch (IOException exc) {
// should never occur
throw new InvalidKeyException(exc);
}
out.toByteArray()).toByteArray();
setKey(new BitArray(keyArray.length * 8, keyArray));
}
/**

2
src/java.base/share/classes/sun/security/rsa/RSASignature.java
View file

@ -193,8 +193,6 @@ abstract class RSASignature extends SignatureSpi {
return RSACore.rsa(padded, privateKey, true);
} catch (GeneralSecurityException e) {
throw new SignatureException("Could not sign data", e);
} catch (IOException e) {
throw new SignatureException("Could not encode data", e);
}
}

3
src/java.base/share/classes/sun/security/rsa/RSAUtil.java
View file

@ -170,8 +170,7 @@ public class RSAUtil {
* Encode the digest, return the to-be-signed data.
* Also used by the PKCS#11 provider.
*/
public static byte[] encodeSignature(ObjectIdentifier oid, byte[] digest)
throws IOException {
public static byte[] encodeSignature(ObjectIdentifier oid, byte[] digest) {
DerOutputStream out = new DerOutputStream();
new AlgorithmId(oid).encode(out);
out.putOctetString(digest);