|
 |
2b939e |
# HG changeset patch
|
|
|
2b939e |
# User andrew
|
|
|
2b939e |
# Date 1461349033 -3600
|
|
|
2b939e |
# Fri Apr 22 19:17:13 2016 +0100
|
|
|
2b939e |
# Node ID dab76de2f91cf1791c03560a3f45aaa69f8351fd
|
|
|
2b939e |
# Parent 3fa42705acab6d69b6141f47ebba4f85739a338c
|
|
|
2b939e |
PR2934: SunEC provider throwing KeyException with current NSS
|
|
|
2b939e |
Summary: Initialise the random number generator and feed the seed to it.
|
|
|
2b939e |
|
|
|
2b939e |
diff -r 3fa42705acab -r dab76de2f91c src/share/native/sun/security/ec/ECC_JNI.cpp
|
|
|
2b939e |
--- openjdk/jdk/src/share/native/sun/security/ec/ECC_JNI.cpp Wed Apr 20 03:39:11 2016 +0100
|
|
|
2b939e |
+++ openjdk/jdk/src/share/native/sun/security/ec/ECC_JNI.cpp Fri Apr 22 19:17:13 2016 +0100
|
|
|
2b939e |
@@ -134,8 +134,17 @@
|
|
|
2b939e |
env->GetByteArrayRegion(seed, 0, jSeedLength, pSeedBuffer);
|
|
|
2b939e |
|
|
|
2b939e |
// Generate the new keypair (using the supplied seed)
|
|
|
2b939e |
+#ifdef SYSTEM_NSS
|
|
|
2b939e |
+ if (RNG_RandomUpdate((unsigned char *) pSeedBuffer, jSeedLength)
|
|
|
2b939e |
+ != SECSuccess) {
|
|
|
2b939e |
+ ThrowException(env, KEY_EXCEPTION);
|
|
|
2b939e |
+ goto cleanup;
|
|
|
2b939e |
+ }
|
|
|
2b939e |
+ if (EC_NewKey(ecparams, &privKey) != SECSuccess) {
|
|
|
2b939e |
+#else
|
|
|
2b939e |
if (EC_NewKey(ecparams, &privKey, (unsigned char *) pSeedBuffer,
|
|
|
2b939e |
jSeedLength, 0) != SECSuccess) {
|
|
|
2b939e |
+#endif
|
|
|
2b939e |
ThrowException(env, KEY_EXCEPTION);
|
|
|
2b939e |
goto cleanup;
|
|
|
2b939e |
}
|
|
|
2b939e |
@@ -267,8 +276,18 @@
|
|
|
2b939e |
env->GetByteArrayRegion(seed, 0, jSeedLength, pSeedBuffer);
|
|
|
2b939e |
|
|
|
2b939e |
// Sign the digest (using the supplied seed)
|
|
|
2b939e |
+#ifdef SYSTEM_NSS
|
|
|
2b939e |
+ if (RNG_RandomUpdate((unsigned char *) pSeedBuffer, jSeedLength)
|
|
|
2b939e |
+ != SECSuccess) {
|
|
|
2b939e |
+ ThrowException(env, KEY_EXCEPTION);
|
|
|
2b939e |
+ goto cleanup;
|
|
|
2b939e |
+ }
|
|
|
2b939e |
+ if (ECDSA_SignDigest(&privKey, &signature_item, &digest_item)
|
|
|
2b939e |
+ != SECSuccess) {
|
|
|
2b939e |
+#else
|
|
|
2b939e |
if (ECDSA_SignDigest(&privKey, &signature_item, &digest_item,
|
|
|
2b939e |
(unsigned char *) pSeedBuffer, jSeedLength, 0) != SECSuccess) {
|
|
|
2b939e |
+#endif
|
|
|
2b939e |
ThrowException(env, KEY_EXCEPTION);
|
|
|
2b939e |
goto cleanup;
|
|
|
2b939e |
}
|
|
|
2b939e |
@@ -499,6 +518,9 @@
|
|
|
2b939e |
if (SECOID_Init() != SECSuccess) {
|
|
|
2b939e |
ThrowException(env, INTERNAL_ERROR);
|
|
|
2b939e |
}
|
|
|
2b939e |
+ if (RNG_RNGInit() != SECSuccess) {
|
|
|
2b939e |
+ ThrowException(env, INTERNAL_ERROR);
|
|
|
2b939e |
+ }
|
|
|
2b939e |
#endif
|
|
|
2b939e |
}
|
|
|
2b939e |
|
|
|
2b939e |
@@ -507,6 +529,7 @@
|
|
|
2b939e |
(JNIEnv *env, jclass UNUSED(clazz))
|
|
|
2b939e |
{
|
|
|
2b939e |
#ifdef SYSTEM_NSS
|
|
|
2b939e |
+ RNG_RNGShutdown();
|
|
|
2b939e |
if (SECOID_Shutdown() != SECSuccess) {
|
|
|
2b939e |
ThrowException(env, INTERNAL_ERROR);
|
|
|
2b939e |
}
|
|
|
2b939e |
diff -r 3fa42705acab -r dab76de2f91c src/share/native/sun/security/ec/ecc_impl.h
|
|
|
2b939e |
--- openjdk/jdk/src/share/native/sun/security/ec/ecc_impl.h Wed Apr 20 03:39:11 2016 +0100
|
|
|
2b939e |
+++ openjdk/jdk/src/share/native/sun/security/ec/ecc_impl.h Fri Apr 22 19:17:13 2016 +0100
|
|
|
2b939e |
@@ -254,8 +254,10 @@
|
|
|
2b939e |
This function is no longer required because the random bytes are now
|
|
|
2b939e |
supplied by the caller. Force a failure.
|
|
|
2b939e |
*/
|
|
|
2b939e |
+#ifndef SYSTEM_NSS
|
|
|
2b939e |
#define RNG_GenerateGlobalRandomBytes(p,l) SECFailure
|
|
|
2b939e |
#endif
|
|
|
2b939e |
+#endif
|
|
|
2b939e |
#define CHECK_MPI_OK(func) if (MP_OKAY > (err = func)) goto cleanup
|
|
|
2b939e |
#define MP_TO_SEC_ERROR(err)
|
|
|
2b939e |
|
|
|
2b939e |
@@ -267,8 +269,6 @@
|
|
|
2b939e |
|
|
|
2b939e |
#ifdef SYSTEM_NSS
|
|
|
2b939e |
#define EC_DecodeParams(a,b,c) EC_DecodeParams(a,b)
|
|
|
2b939e |
-#define EC_NewKey(a,b,c,d,e) EC_NewKey(a,b)
|
|
|
2b939e |
-#define ECDSA_SignDigest(a,b,c,d,e,f) ECDSA_SignDigest(a,b,c)
|
|
|
2b939e |
#define ECDSA_VerifyDigest(a,b,c,d) ECDSA_VerifyDigest(a,b,c)
|
|
|
2b939e |
#define ECDH_Derive(a,b,c,d,e,f) ECDH_Derive(a,b,c,d,e)
|
|
|
2b939e |
#else
|