Projects
Mega:23.03
openjdk-1.8.0
_service:tar_scm:penetration_testing_vulnerabil...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:penetration_testing_vulnerability_fix.patch of Package openjdk-1.8.0
diff --git a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEDHKeyPairGenerator.java b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEDHKeyPairGenerator.java index 429c65fc0..6094c82a1 100644 --- a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEDHKeyPairGenerator.java +++ b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEDHKeyPairGenerator.java @@ -148,6 +148,9 @@ public class KAEDHKeyPairGenerator throw new ProviderException("Invoke nativeGenerateKeyPair failed.", e); } + // check keys + checkKeys(keys); + BigInteger pubKey = new BigInteger(keys[0]); BigInteger priKey = new BigInteger(keys[1]); @@ -162,5 +165,21 @@ public class KAEDHKeyPairGenerator throw new ProviderException(ikse); } } + + private void checkKeys(byte[][] keys) { + if (keys == null) { + throw new ProviderException("Invalid keys, keys is null."); + } + // The keys needs to contain at least 2 byte arrays, which are public and private keys. + if (keys.length < 2) { + throw new ProviderException("Invalid keys, keys length is less than 2."); + } + for (int i = 0; i < keys.length; i++) { + if (keys[i] == null) { + throw new ProviderException("Invalid keys, keys[" + i + "]" + "is null."); + } + } + } + protected native static byte[][] nativeGenerateKeyPair(byte[] p, byte[] g, int lSize); } diff --git a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEECKeyPairGenerator.java b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEECKeyPairGenerator.java index 5f0c4db05..812980608 100644 --- a/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEECKeyPairGenerator.java +++ b/jdk/src/solaris/classes/org/openeuler/security/openssl/KAEECKeyPairGenerator.java @@ -65,9 +65,8 @@ public class KAEECKeyPairGenerator extends KeyPairGeneratorSpi { private ECParameterSpec getParamsByCurve(String curveName) { byte[][] params = nativeGenerateParam(curveName); - if (params == null) { - throw new InvalidParameterException("unknown curve " + curveName); - } + // check params + checkParams(params, curveName); BigInteger p = new BigInteger(params[0]); BigInteger a = new BigInteger(params[1]); BigInteger b = new BigInteger(params[2]); @@ -82,6 +81,21 @@ public class KAEECKeyPairGenerator extends KeyPairGeneratorSpi { return spec; } + private void checkParams(byte[][] params, String curveName) { + if (params == null) { + throw new InvalidParameterException("Unknown curve " + curveName); + } + // The params needs to contain at least 7 byte arrays, which are p,a,b,x,y,order and cofactor. + if (params.length < 7) { + throw new InvalidParameterException("The params length is less than 7."); + } + for (int i = 0; i < params.length; i++) { + if (params[i] == null) { + throw new InvalidParameterException("The params[" + i + "]" + "is null."); + } + } + } + @Override public void initialize(AlgorithmParameterSpec param, SecureRandom random) throws InvalidAlgorithmParameterException { if (param instanceof ECParameterSpec) { diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_exception.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_exception.c index 9ccc617c4..a43da7b30 100644 --- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_exception.c +++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_exception.c @@ -105,14 +105,10 @@ void KAE_ThrowFromOpenssl(JNIEnv* env, const char* msg, void (* defaultException KAE_TRACE("OpenSSL error in %s: err=%lx, lib=%x, reason=%x, file=%s, line=%d, estring=%s, data=%s", msg, err, lib, reason, file, line, estring, (flags & ERR_TXT_STRING) ? data : "(no data)"); - switch (lib) { - case ERR_LIB_EVP: - case ERR_LIB_RSA: - KAE_ThrowEvpException(env, reason, estring, defaultException); - break; - default: - defaultException(env, estring); - break; + if (lib == ERR_LIB_EVP || lib == ERR_LIB_RSA) { + KAE_ThrowEvpException(env, reason, estring, defaultException); + } else { + defaultException(env, estring); } } diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_hmac.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_hmac.c index 7b28fa1fa..554a9750c 100644 --- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_hmac.c +++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_hmac.c @@ -182,7 +182,7 @@ JNIEXPORT jint JNICALL Java_org_openeuler_security_openssl_KAEHMac_nativeFinal // write back to output_array (*env)->SetByteArrayRegion(env, output, out_offset, bytesWritten, (jbyte*) temp_result); - KAE_TRACE("KAEHMac_nativeFinal success, output_offset = %d, bytesWritten = %d", out_offset, bytesWritten); + KAE_TRACE("KAEHMac_nativeFinal success, output_offset = %d, bytesWritten = %u", out_offset, bytesWritten); cleanup: free(temp_result); diff --git a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_rsa.c b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_rsa.c index 0b23aa7d6..2ca978bbe 100644 --- a/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_rsa.c +++ b/jdk/src/solaris/native/org/openeuler/security/openssl/kae_keypairgenerator_rsa.c @@ -136,7 +136,8 @@ static jobjectArray NewRSAKeyParams(JNIEnv* env, RSA* rsa) { } // set rsa key param - for (RSAParamIndex paramIndex = rsaN; paramIndex <= rsaIqmp; paramIndex++) { + RSAParamIndex paramIndex; + for (paramIndex = rsaN; paramIndex <= rsaIqmp; paramIndex++) { if (!SetRSAKeyParam(env, rsa, params, paramIndex)) { return NULL; }
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2