archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 15:24:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8286908: ECDSA signature should not return parameters

Browse source 
Reviewed-by: ascarpino, hchao, valeriep
This commit is contained in:
Weijun Wang 2022-05-23 13:34:23 +00:00
parent 689f80cbad
commit 8040aa0073
4 changed files with 73 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

15
src/java.base/share/classes/sun/security/util/SignatureUtil.java
View file

@ -151,17 +151,10 @@ public class SignatureUtil {
createAlgorithmParameters(sigName, paramBytes);
paramSpec = RSAUtil.getParamSpec(params);
} else if (sigName.contains("ECDSA")) {
try {
Provider p = Signature.getInstance(sigName).getProvider();
paramSpec = ECUtil.getECParameterSpec(p, paramBytes);
} catch (Exception e) {
throw new ProviderException("Error handling EC parameters", e);
}
// ECUtil discards exception and returns null, so we need to check
// the returned value
if (paramSpec == null) {
throw new ProviderException("Error handling EC parameters");
}
// Some certificates have params in an ECDSA algorithmID.
// According to RFC 3279 2.2.3 and RFC 5758 3.2,
// they are useless and should be ignored.
return null;
} else {
throw new ProviderException
("Unrecognized algorithm for signature parameters " +