From cd645d14d20e9e7a777d3c6677a186961f36b936 Mon Sep 17 00:00:00 2001 From: John Jiang Date: Wed, 17 Jan 2024 13:02:44 +0800 Subject: [PATCH] TKSS-639: Backport JDK-8320449: ECDHKeyAgreement should validate parameters before using them --- .../sun/security/ec/ECDHKeyAgreement.java | 35 +++++++++---------- 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/kona-crypto/src/main/java/com/tencent/kona/sun/security/ec/ECDHKeyAgreement.java b/kona-crypto/src/main/java/com/tencent/kona/sun/security/ec/ECDHKeyAgreement.java index edbadbb6..f153dfd7 100644 --- a/kona-crypto/src/main/java/com/tencent/kona/sun/security/ec/ECDHKeyAgreement.java +++ b/kona-crypto/src/main/java/com/tencent/kona/sun/security/ec/ECDHKeyAgreement.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -25,13 +25,11 @@ package com.tencent.kona.sun.security.ec; -import com.tencent.kona.sun.security.ec.point.AffinePoint; import com.tencent.kona.sun.security.ec.point.Point; import com.tencent.kona.sun.security.util.ArrayUtil; import com.tencent.kona.sun.security.util.CurveDB; import com.tencent.kona.sun.security.util.ECUtil; import com.tencent.kona.sun.security.util.NamedCurve; -import com.tencent.kona.sun.security.util.math.ImmutableIntegerModuloP; import com.tencent.kona.sun.security.util.math.IntegerFieldModuloP; import com.tencent.kona.sun.security.util.math.MutableIntegerModuloP; import com.tencent.kona.sun.security.util.math.SmallValue; @@ -81,22 +79,27 @@ public ECDHKeyAgreement() { // Generic init private void init(Key key) throws InvalidKeyException, InvalidAlgorithmParameterException { + privateKey = null; + privateKeyOps = null; + publicKey = null; + if (!(key instanceof PrivateKey)) { throw new InvalidKeyException("Key must be instance of PrivateKey"); } - privateKey = (ECPrivateKey)ECKeyFactory.toECKey(key); - publicKey = null; - namedCurve = CurveDB.lookup(privateKey.getParams()); + ECPrivateKey ecPrivateKey = (ECPrivateKey)ECKeyFactory.toECKey(key); Optional opsOpt = - ECOperations.forParameters(privateKey.getParams()); + ECOperations.forParameters(ecPrivateKey.getParams()); if (!opsOpt.isPresent()) { + NamedCurve nc = CurveDB.lookup(ecPrivateKey.getParams()); throw new InvalidAlgorithmParameterException( - "Curve not supported: " + (namedCurve != null ? namedCurve.toString() : - "unknown")); + "Curve not supported: " + (nc != null ? nc.toString() : + "unknown")); } + ECUtil.checkPrivateKey(ecPrivateKey); + + privateKey = ecPrivateKey; privateKeyOps = opsOpt.get(); - ECUtil.checkPrivateKey(privateKey); } // see JCE spec @@ -141,26 +144,22 @@ protected Key engineDoPhase(Key key, boolean lastPhase) ("Key must be a PublicKey with algorithm EC"); } + // Validate public key + validate(privateKeyOps, (ECPublicKey) key); + this.publicKey = (ECPublicKey) key; int keyLenBits = publicKey.getParams().getCurve().getField().getFieldSize(); secretLen = (keyLenBits + 7) >> 3; - // Validate public key - validate(privateKeyOps, publicKey); - return null; } // Verify that x and y are integers in the interval [0, p - 1]. private static void validateCoordinate(BigInteger c, BigInteger mod) throws InvalidKeyException{ - if (c.compareTo(BigInteger.ZERO) < 0) { - throw new InvalidKeyException("Invalid coordinate"); - } - - if (c.compareTo(mod) >= 0) { + if (c.compareTo(BigInteger.ZERO) < 0 || c.compareTo(mod) >= 0) { throw new InvalidKeyException("Invalid coordinate"); } }