archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 15:24:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8285493: ECC calculation error

Browse source 
Reviewed-by: xuelei, ascarpino
This commit is contained in:
Weijun Wang 2022-04-28 02:52:41 +00:00
parent 89fd6d34f8
commit c1173c24bf
2 changed files with 12 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

18
src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial.java
View file

@ -558,7 +558,7 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public ImmutableElement add(IntegerModuloP genB) { public ImmutableElement add(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB; Element b = (Element) genB;
if (!(isSummand() && b.isSummand())) { if (!(isSummand() && b.isSummand())) {
throw new ArithmeticException("Not a valid summand"); throw new ArithmeticException("Not a valid summand");
@ -596,7 +596,7 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public ImmutableElement multiply(IntegerModuloP genB) { public ImmutableElement multiply(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB; Element b = (Element) genB;
long[] newLimbs = new long[limbs.length]; long[] newLimbs = new long[limbs.length];
@ -612,7 +612,7 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
} }
public void addModPowerTwo(IntegerModuloP arg, byte[] result) { public void addModPowerTwo(IntegerModuloP arg, byte[] result) {
assert IntegerPolynomial.this == arg.getField();
Element other = (Element) arg; Element other = (Element) arg;
if (!(isSummand() && other.isSummand())) { if (!(isSummand() && other.isSummand())) {
throw new ArithmeticException("Not a valid summand"); throw new ArithmeticException("Not a valid summand");
@ -642,7 +642,7 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public void conditionalSet(IntegerModuloP b, int set) { public void conditionalSet(IntegerModuloP b, int set) {
assert IntegerPolynomial.this == b.getField();
Element other = (Element) b; Element other = (Element) b;
conditionalAssign(set, limbs, other.limbs); conditionalAssign(set, limbs, other.limbs);
@ -651,7 +651,7 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public void conditionalSwapWith(MutableIntegerModuloP b, int swap) { public void conditionalSwapWith(MutableIntegerModuloP b, int swap) {
assert IntegerPolynomial.this == b.getField();
MutableElement other = (MutableElement) b; MutableElement other = (MutableElement) b;
conditionalSwap(swap, limbs, other.limbs); conditionalSwap(swap, limbs, other.limbs);
@ -663,6 +663,7 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public MutableElement setValue(IntegerModuloP v) { public MutableElement setValue(IntegerModuloP v) {
assert IntegerPolynomial.this == v.getField();
Element other = (Element) v; Element other = (Element) v;
System.arraycopy(other.limbs, 0, limbs, 0, other.limbs.length); System.arraycopy(other.limbs, 0, limbs, 0, other.limbs.length);
@ -692,6 +693,7 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public MutableElement setProduct(IntegerModuloP genB) { public MutableElement setProduct(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB; Element b = (Element) genB;
mult(limbs, b.limbs, limbs); mult(limbs, b.limbs, limbs);
numAdds = 0; numAdds = 0;
@ -708,7 +710,7 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public MutableElement setSum(IntegerModuloP genB) { public MutableElement setSum(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB; Element b = (Element) genB;
if (!(isSummand() && b.isSummand())) { if (!(isSummand() && b.isSummand())) {
throw new ArithmeticException("Not a valid summand"); throw new ArithmeticException("Not a valid summand");
@ -724,7 +726,7 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public MutableElement setDifference(IntegerModuloP genB) { public MutableElement setDifference(IntegerModuloP genB) {
assert IntegerPolynomial.this == genB.getField();
Element b = (Element) genB; Element b = (Element) genB;
if (!(isSummand() && b.isSummand())) { if (!(isSummand() && b.isSummand())) {
throw new ArithmeticException("Not a valid summand"); throw new ArithmeticException("Not a valid summand");
@ -747,7 +749,6 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public MutableElement setAdditiveInverse() { public MutableElement setAdditiveInverse() {
for (int i = 0; i < limbs.length; i++) { for (int i = 0; i < limbs.length; i++) {
limbs[i] = -limbs[i]; limbs[i] = -limbs[i];
} }
@ -756,7 +757,6 @@ public abstract sealed class IntegerPolynomial implements IntegerFieldModuloP
@Override @Override
public MutableElement setReduced() { public MutableElement setReduced() {
reduce(limbs); reduce(limbs);
numAdds = 0; numAdds = 0;
return this; return this;

7
src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSAOperations.java
View file

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2018, 2022, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -31,6 +31,7 @@ import sun.security.util.math.*;
import static sun.security.ec.ECOperations.IntermediateValueException; import static sun.security.ec.ECOperations.IntermediateValueException;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.ProviderException; import java.security.ProviderException;
import java.security.spec.*; import java.security.spec.*;
import java.util.Arrays; import java.util.Arrays;
@ -256,10 +257,8 @@ public class ECDSAOperations {
ecOps.setSum(p1, p2.asAffine()); ecOps.setSum(p1, p2.asAffine());
IntegerModuloP result = p1.asAffine().getX(); IntegerModuloP result = p1.asAffine().getX();
result = result.additiveInverse().add(ri);
b2a(result, orderField, temp1); b2a(result, orderField, temp1);
return ECOperations.allZero(temp1); return MessageDigest.isEqual(temp1, r);
} }
public static ImmutableIntegerModuloP b2a(IntegerModuloP b, public static ImmutableIntegerModuloP b2a(IntegerModuloP b,