From 94a2b9f8d486301c9b27c6ba3aa83770ff88c738 Mon Sep 17 00:00:00 2001 From: Zainab Fatmi Date: Thu, 4 Aug 2022 11:25:53 -0400 Subject: [PATCH] Fix race condition when creating the native pointer for an EC key Signed-off-by: Zainab Fatmi --- .../sun/security/ec/ECPrivateKeyImpl.java | 27 ++++++++++--------- .../sun/security/ec/ECPublicKeyImpl.java | 27 ++++++++++--------- 2 files changed, 28 insertions(+), 26 deletions(-) diff --git a/jdk/src/share/classes/sun/security/ec/ECPrivateKeyImpl.java b/jdk/src/share/classes/sun/security/ec/ECPrivateKeyImpl.java index b99c605932c..19286c32c97 100644 --- a/jdk/src/share/classes/sun/security/ec/ECPrivateKeyImpl.java +++ b/jdk/src/share/classes/sun/security/ec/ECPrivateKeyImpl.java @@ -237,9 +237,9 @@ boolean isECFieldF2m() { * @return the native EC public key context pointer or -1 on error */ long getNativePtr() { - if (nativeECKey == 0x0) { + if (this.nativeECKey == 0x0) { synchronized (this) { - if (nativeECKey == 0x0) { + if (this.nativeECKey == 0x0) { ECPoint generator = this.params.getGenerator(); EllipticCurve curve = this.params.getCurve(); ECField field = curve.getField(); @@ -249,26 +249,27 @@ long getNativePtr() { byte[] gy = generator.getAffineY().toByteArray(); byte[] n = this.params.getOrder().toByteArray(); byte[] h = BigInteger.valueOf(this.params.getCofactor()).toByteArray(); - byte[] p = new byte[0]; + long nativePointer; if (field instanceof ECFieldFp) { - p = ((ECFieldFp)field).getP().toByteArray(); - nativeECKey = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); + byte[] p = ((ECFieldFp)field).getP().toByteArray(); + nativePointer = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); } else if (field instanceof ECFieldF2m) { - p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray(); - nativeECKey = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); + byte[] p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray(); + nativePointer = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); } else { - nativeECKey = -1; + nativePointer = -1; } - if (nativeECKey != -1) { - nativeCrypto.createECKeyCleaner(this, nativeECKey); + if (nativePointer != -1) { + nativeCrypto.createECKeyCleaner(this, nativePointer); byte[] value = this.getS().toByteArray(); - if (nativeCrypto.ECCreatePrivateKey(nativeECKey, value, value.length) == -1) { - nativeECKey = -1; + if (nativeCrypto.ECCreatePrivateKey(nativePointer, value, value.length) == -1) { + nativePointer = -1; } } + this.nativeECKey = nativePointer; } } } - return nativeECKey; + return this.nativeECKey; } } diff --git a/jdk/src/share/classes/sun/security/ec/ECPublicKeyImpl.java b/jdk/src/share/classes/sun/security/ec/ECPublicKeyImpl.java index 609bf045b00..27aa3e7f887 100644 --- a/jdk/src/share/classes/sun/security/ec/ECPublicKeyImpl.java +++ b/jdk/src/share/classes/sun/security/ec/ECPublicKeyImpl.java @@ -153,9 +153,9 @@ boolean isECFieldF2m() { * @return the native EC public key context pointer or -1 on error */ long getNativePtr() { - if (nativeECKey == 0x0) { + if (this.nativeECKey == 0x0) { synchronized (this) { - if (nativeECKey == 0x0) { + if (this.nativeECKey == 0x0) { ECPoint generator = this.params.getGenerator(); EllipticCurve curve = this.params.getCurve(); ECField field = curve.getField(); @@ -165,29 +165,30 @@ long getNativePtr() { byte[] gy = generator.getAffineY().toByteArray(); byte[] n = this.params.getOrder().toByteArray(); byte[] h = BigInteger.valueOf(this.params.getCofactor()).toByteArray(); - byte[] p = new byte[0]; + long nativePointer; int fieldType = 0; if (field instanceof ECFieldFp) { - p = ((ECFieldFp)field).getP().toByteArray(); - nativeECKey = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); + byte[] p = ((ECFieldFp)field).getP().toByteArray(); + nativePointer = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); } else if (field instanceof ECFieldF2m) { fieldType = 1; - p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray(); - nativeECKey = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); + byte[] p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray(); + nativePointer = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); } else { - nativeECKey = -1; + nativePointer = -1; } - if (nativeECKey != -1) { - nativeCrypto.createECKeyCleaner(this, nativeECKey); + if (nativePointer != -1) { + nativeCrypto.createECKeyCleaner(this, nativePointer); byte[] x = this.w.getAffineX().toByteArray(); byte[] y = this.w.getAffineY().toByteArray(); - if (nativeCrypto.ECCreatePublicKey(nativeECKey, x, x.length, y, y.length, fieldType) == -1) { - nativeECKey = -1; + if (nativeCrypto.ECCreatePublicKey(nativePointer, x, x.length, y, y.length, fieldType) == -1) { + nativePointer = -1; } } + this.nativeECKey = nativePointer; } } } - return nativeECKey; + return this.nativeECKey; } }