changeset 57561:d54ce919da90 jdk-14+30

8236470: Deal with ECDSA using ecdsa-with-SHA2 plus hash algorithm as AlgorithmId Reviewed-by: xuelei
author weijun
date Wed, 25 Dec 2019 07:17:25 +0800
parents 2877992dadf9
children 249100958693
files src/java.base/share/classes/sun/security/x509/AlgorithmId.java test/jdk/sun/security/pkcs11/PKCS11Test.java
diffstat 2 files changed, 16 insertions(+), 7 deletions(-) [+]
--- a/src/java.base/share/classes/sun/security/x509/AlgorithmId.java	Tue Dec 24 16:49:37 2019 +0300
+++ b/src/java.base/share/classes/sun/security/x509/AlgorithmId.java	Wed Dec 25 07:17:25 2019 +0800
@@ -239,6 +239,9 @@
      * return a name such as "MD5withRSA" for a signature algorithm on
      * some systems.  It also returns names like "OID.1.2.3.4", when
      * no particular name for the algorithm is known.
+     *
+     * Note: for ecdsa-with-SHA2 plus hash algorithm (Ex: SHA-256), this method
+     * returns the "full" signature algorithm (Ex: SHA256withECDSA) directly.
      */
     public String getName() {
         String algName = nameTable.get(algid);
@@ -248,7 +251,7 @@
         if ((params != null) && algid.equals((Object)specifiedWithECDSA_oid)) {
             try {
                 AlgorithmId paramsId =
-                        AlgorithmId.parse(new DerValue(getEncodedParams()));
+                        AlgorithmId.parse(new DerValue(params.toByteArray()));
                 String paramsName = paramsId.getName();
                 algName = makeSigAlg(paramsName, "EC");
             } catch (IOException e) {
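Review bot: The switch to `params.toByteArray()` inside `AlgorithmId.parse(...)` has no comment saying why the public accessor is bypassed. After this commit `getEncodedParams()` returns null for `specifiedWithECDSA_oid`, so a later cleanup that restores the accessor call would pass null to `new DerValue(...)` in exactly this branch. I would add `// getEncodedParams() returns null for specifiedWithECDSA_oid; read params directly` above the assignment. The body of `getName()` starts and ends outside this hunk.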
@@ -264,12 +267,18 @@
 
     /**
      * Returns the DER encoded parameter, which can then be
-     * used to initialize java.security.AlgorithmParamters.
+     * used to initialize java.security.AlgorithmParameters.
+     *
+     * Note: for ecdsa-with-SHA2 plus hash algorithm (Ex: SHA-256), this method
+     * returns null because {@link #getName()} has already returned the "full"
+     * signature algorithm (Ex: SHA256withECDSA).
      *
      * @return DER encoded parameters, or null not present.
      */
     public byte[] getEncodedParams() throws IOException {
-        return (params == null) ? null : params.toByteArray();
+        return (params == null || algid.equals(specifiedWithECDSA_oid))
+                ? null
+                : params.toByteArray();
     }
 
     /**
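Review bot: `getEncodedParams()` now returns null both when parameters are absent and when they are present but folded into the name, and the `@return` line still reads `or null not present`, so a caller cannot tell the two cases apart. Code that rebuilds or compares an algorithm identifier from `getName()` plus `getEncodedParams()` would silently lose the hash parameter, which matters wherever two signature algorithm identifiers are checked for equality; no such caller is visible here, so this is worth confirming. I would change the tag to `@return DER encoded parameters, or null if absent or if the algorithm is specifiedWithECDSA_oid`, and reword the note so the null return does not read as depending on `getName()` having been called first. The new condition also drops the `(Object)` cast that `getName()` uses for the same comparison; using one form in both places avoids resolving to a different `equals` overload, if one exists.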
--- a/test/jdk/sun/security/pkcs11/PKCS11Test.java	Tue Dec 24 16:49:37 2019 +0300
+++ b/test/jdk/sun/security/pkcs11/PKCS11Test.java	Wed Dec 25 07:17:25 2019 +0800
@@ -83,11 +83,11 @@
     static {
         // hack
         String absBase = new File(BASE).getAbsolutePath();
-        int k = absBase.indexOf(SEP + "test" + SEP + "sun" + SEP);
+        int k = absBase.indexOf(SEP + "test" + SEP + "jdk" + SEP);
         if (k < 0) k = 0;
-        String p1 = absBase.substring(0, k + 6);
-        String p2 = absBase.substring(k + 5);
-        CLOSED_BASE = p1 + "closed" + p2;
+        String p1 = absBase.substring(0, k);
+        String p2 = absBase.substring(k);
+        CLOSED_BASE = p1 + "/../closed" + p2;
 
         // set it as a system property to make it available in policy file
         System.setProperty("closed.base", CLOSED_BASE);
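Review bot: `CLOSED_BASE = p1 + "/../closed" + p2;` hard-codes `/` while the search string on the `indexOf` line is built with `SEP`, and when the marker is not found (`k` forced to 0) the result is `"/../closed" + absBase`, a path outside the test tree that is then published as the `closed.base` system property for the policy file. I would write `p1 + SEP + ".." + SEP + "closed" + p2` for consistency. For the `k < 0` case, either add a comment that the fallback is deliberately a non-existent location, or report it explicitly instead of computing a path from index 0; which is right depends on how open-only runs use this property, which is not visible here. The static initializer continues past the end of this hunk.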