|
|
045ef6 |
# HG changeset patch
|
|
|
045ef6 |
# User andrew
|
|
|
045ef6 |
# Date 1453866306 0
|
|
|
045ef6 |
# Wed Jan 27 03:45:06 2016 +0000
|
|
|
045ef6 |
# Node ID 0ff7720931e8dbf7de25720bdc93b18527ab89e8
|
|
|
045ef6 |
# Parent 48c15869ecd568263249af4b9a4e98d4e57f9a8f
|
|
|
045ef6 |
PR2127: SunEC provider crashes when built using system NSS
|
|
|
045ef6 |
Summary: Use NSS memory management functions
|
|
|
045ef6 |
|
|
|
045ef6 |
diff -r 48c15869ecd5 -r 0ff7720931e8 src/share/native/sun/security/ec/ECC_JNI.cpp
|
|
|
045ef6 |
--- openjdk/jdk/src/share/native/sun/security/ec/ECC_JNI.cpp Wed Jan 27 02:54:06 2016 +0000
|
|
|
045ef6 |
+++ openjdk/jdk/src/share/native/sun/security/ec/ECC_JNI.cpp Wed Jan 27 03:45:06 2016 +0000
|
|
|
045ef6 |
@@ -32,6 +32,13 @@
|
|
|
045ef6 |
#define INVALID_PARAMETER_EXCEPTION \
|
|
|
045ef6 |
"java/security/InvalidParameterException"
|
|
|
045ef6 |
#define KEY_EXCEPTION "java/security/KeyException"
|
|
|
045ef6 |
+#define INTERNAL_ERROR "java/lang/InternalError"
|
|
|
045ef6 |
+
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+#define SYSTEM_UNUSED(x) UNUSED(x)
|
|
|
045ef6 |
+#else
|
|
|
045ef6 |
+#define SYSTEM_UNUSED(x) x
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
|
|
|
045ef6 |
extern "C" {
|
|
|
045ef6 |
|
|
|
045ef6 |
@@ -49,8 +56,13 @@
|
|
|
045ef6 |
/*
|
|
|
045ef6 |
* Deep free of the ECParams struct
|
|
|
045ef6 |
*/
|
|
|
045ef6 |
-void FreeECParams(ECParams *ecparams, jboolean freeStruct)
|
|
|
045ef6 |
+void FreeECParams(ECParams *ecparams, jboolean SYSTEM_UNUSED(freeStruct))
|
|
|
045ef6 |
{
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+ // Needs to be freed using the matching method to the one
|
|
|
045ef6 |
+ // that allocated it. PR_TRUE means the memory is zeroed.
|
|
|
045ef6 |
+ PORT_FreeArena(ecparams->arena, PR_TRUE);
|
|
|
045ef6 |
+#else
|
|
|
045ef6 |
// Use B_FALSE to free the SECItem->data element, but not the SECItem itself
|
|
|
045ef6 |
// Use B_TRUE to free both
|
|
|
045ef6 |
|
|
|
045ef6 |
@@ -64,6 +76,7 @@
|
|
|
045ef6 |
SECITEM_FreeItem(&ecparams->curveOID, B_FALSE);
|
|
|
045ef6 |
if (freeStruct)
|
|
|
045ef6 |
free(ecparams);
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
}
|
|
|
045ef6 |
|
|
|
045ef6 |
jbyteArray getEncodedBytes(JNIEnv *env, SECItem *hSECItem)
|
|
|
045ef6 |
@@ -108,6 +121,13 @@
|
|
|
045ef6 |
goto cleanup;
|
|
|
045ef6 |
}
|
|
|
045ef6 |
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+ if (SECOID_Init() != SECSuccess) {
|
|
|
045ef6 |
+ ThrowException(env, INTERNAL_ERROR);
|
|
|
045ef6 |
+ goto cleanup;
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
+
|
|
|
045ef6 |
// Fill a new ECParams using the supplied OID
|
|
|
045ef6 |
if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) {
|
|
|
045ef6 |
/* bad curve OID */
|
|
|
045ef6 |
@@ -163,16 +183,26 @@
|
|
|
045ef6 |
if (params_item.data) {
|
|
|
045ef6 |
env->ReleaseByteArrayElements(encodedParams,
|
|
|
045ef6 |
(jbyte *) params_item.data, JNI_ABORT);
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+ if (SECOID_Shutdown() != SECSuccess) {
|
|
|
045ef6 |
+ ThrowException(env, INTERNAL_ERROR);
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
}
|
|
|
045ef6 |
if (ecparams) {
|
|
|
045ef6 |
FreeECParams(ecparams, true);
|
|
|
045ef6 |
}
|
|
|
045ef6 |
if (privKey) {
|
|
|
045ef6 |
FreeECParams(&privKey->ecParams, false);
|
|
|
045ef6 |
+#ifndef SYSTEM_NSS
|
|
|
045ef6 |
+ // The entire ECPrivateKey is allocated in the arena
|
|
|
045ef6 |
+ // when using system NSS, so only the in-tree version
|
|
|
045ef6 |
+ // needs to clear these manually.
|
|
|
045ef6 |
SECITEM_FreeItem(&privKey->version, B_FALSE);
|
|
|
045ef6 |
SECITEM_FreeItem(&privKey->privateValue, B_FALSE);
|
|
|
045ef6 |
SECITEM_FreeItem(&privKey->publicValue, B_FALSE);
|
|
|
045ef6 |
free(privKey);
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
}
|
|
|
045ef6 |
|
|
|
045ef6 |
if (pSeedBuffer) {
|
|
|
045ef6 |
@@ -223,6 +253,13 @@
|
|
|
045ef6 |
goto cleanup;
|
|
|
045ef6 |
}
|
|
|
045ef6 |
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+ if (SECOID_Init() != SECSuccess) {
|
|
|
045ef6 |
+ ThrowException(env, INTERNAL_ERROR);
|
|
|
045ef6 |
+ goto cleanup;
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
+
|
|
|
045ef6 |
// Fill a new ECParams using the supplied OID
|
|
|
045ef6 |
if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) {
|
|
|
045ef6 |
/* bad curve OID */
|
|
|
045ef6 |
@@ -270,6 +307,11 @@
|
|
|
045ef6 |
if (params_item.data) {
|
|
|
045ef6 |
env->ReleaseByteArrayElements(encodedParams,
|
|
|
045ef6 |
(jbyte *) params_item.data, JNI_ABORT);
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+ if (SECOID_Shutdown() != SECSuccess) {
|
|
|
045ef6 |
+ ThrowException(env, INTERNAL_ERROR);
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
}
|
|
|
045ef6 |
if (privKey.privateValue.data) {
|
|
|
045ef6 |
env->ReleaseByteArrayElements(privateKey,
|
|
|
045ef6 |
@@ -336,6 +378,13 @@
|
|
|
045ef6 |
goto cleanup;
|
|
|
045ef6 |
}
|
|
|
045ef6 |
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+ if (SECOID_Init() != SECSuccess) {
|
|
|
045ef6 |
+ ThrowException(env, INTERNAL_ERROR);
|
|
|
045ef6 |
+ goto cleanup;
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
+
|
|
|
045ef6 |
// Fill a new ECParams using the supplied OID
|
|
|
045ef6 |
if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) {
|
|
|
045ef6 |
/* bad curve OID */
|
|
|
045ef6 |
@@ -356,9 +405,15 @@
|
|
|
045ef6 |
|
|
|
045ef6 |
cleanup:
|
|
|
045ef6 |
{
|
|
|
045ef6 |
- if (params_item.data)
|
|
|
045ef6 |
+ if (params_item.data) {
|
|
|
045ef6 |
env->ReleaseByteArrayElements(encodedParams,
|
|
|
045ef6 |
(jbyte *) params_item.data, JNI_ABORT);
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+ if (SECOID_Shutdown() != SECSuccess) {
|
|
|
045ef6 |
+ ThrowException(env, INTERNAL_ERROR);
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
|
|
|
045ef6 |
if (pubKey.publicValue.data)
|
|
|
045ef6 |
env->ReleaseByteArrayElements(publicKey,
|
|
|
045ef6 |
@@ -419,6 +474,13 @@
|
|
|
045ef6 |
goto cleanup;
|
|
|
045ef6 |
}
|
|
|
045ef6 |
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+ if (SECOID_Init() != SECSuccess) {
|
|
|
045ef6 |
+ ThrowException(env, INTERNAL_ERROR);
|
|
|
045ef6 |
+ goto cleanup;
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
+
|
|
|
045ef6 |
// Fill a new ECParams using the supplied OID
|
|
|
045ef6 |
if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) {
|
|
|
045ef6 |
/* bad curve OID */
|
|
|
045ef6 |
@@ -460,9 +522,15 @@
|
|
|
045ef6 |
env->ReleaseByteArrayElements(publicKey,
|
|
|
045ef6 |
(jbyte *) publicValue_item.data, JNI_ABORT);
|
|
|
045ef6 |
|
|
|
045ef6 |
- if (params_item.data)
|
|
|
045ef6 |
+ if (params_item.data) {
|
|
|
045ef6 |
env->ReleaseByteArrayElements(encodedParams,
|
|
|
045ef6 |
(jbyte *) params_item.data, JNI_ABORT);
|
|
|
045ef6 |
+#ifdef SYSTEM_NSS
|
|
|
045ef6 |
+ if (SECOID_Shutdown() != SECSuccess) {
|
|
|
045ef6 |
+ ThrowException(env, INTERNAL_ERROR);
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
+#endif
|
|
|
045ef6 |
+ }
|
|
|
045ef6 |
|
|
|
045ef6 |
if (ecparams)
|
|
|
045ef6 |
FreeECParams(ecparams, true);
|