JDK-2188848 : Cannot decode PublicKey (Provider SunPKCS11, curve prime256v1)
  • Type: Backport
  • Backport of: JDK-6763530
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2010-02-22
  • Updated: 2011-07-18
  • Resolved: 2010-02-24
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 Other
7Fixed OpenJDK6Fixed
Comments
SUGGESTED FIX # HG changeset patch # User vinnie # Date 1264118381 0 # Node ID 82b80660cac3214cded2cd40a6369414ee3c314c # Parent a24826f1beaac1dd7297a4b966cf8ca59e8273ff 6763530: Cannot decode PublicKey (Proider SunPKCS11, curve prime256v1) Reviewed-by: andrew --- a/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java Wed Oct 29 01:52:22 2008 +0300 +++ b/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java Thu Jan 21 23:59:41 2010 +0000 @@ -39,6 +39,8 @@ import static sun.security.pkcs11.Templa import static sun.security.pkcs11.TemplateManager.*; import sun.security.pkcs11.wrapper.*; import static sun.security.pkcs11.wrapper.PKCS11Constants.*; + +import sun.security.util.DerValue; /** * EC KeyFactory implemenation. @@ -201,7 +203,16 @@ final class P11ECKeyFactory extends P11K private PublicKey generatePublic(ECPoint point, ECParameterSpec params) throws PKCS11Exception { byte[] encodedParams = ECParameters.encodeParameters(params); - byte[] encodedPoint = ECParameters.encodePoint(point, params.getCurve()); + byte[] encodedPoint = null; + DerValue pkECPoint = new DerValue(DerValue.tag_OctetString, + ECParameters.encodePoint(point, params.getCurve())); + + try { + encodedPoint = pkECPoint.toByteArray(); + } catch (IOException e) { + throw new IllegalArgumentException("Could not DER encode point", e); + } + CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { new CK_ATTRIBUTE(CKA_CLASS, CKO_PUBLIC_KEY), new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), --- a/src/share/classes/sun/security/pkcs11/P11Key.java Wed Oct 29 01:52:22 2008 +0300 +++ b/src/share/classes/sun/security/pkcs11/P11Key.java Thu Jan 21 23:59:41 2010 +0000 @@ -44,6 +44,8 @@ import sun.security.pkcs11.wrapper.*; import sun.security.pkcs11.wrapper.*; import static sun.security.pkcs11.wrapper.PKCS11Constants.*; +import sun.security.util.DerValue; + /** * Key implementation classes. * @@ -1016,8 +1018,16 @@ abstract class P11Key implements Key { try { params = P11ECKeyFactory.decodeParameters (attributes[1].getByteArray()); + DerValue wECPoint = new DerValue(attributes[0].getByteArray()); + if (wECPoint.getTag() != DerValue.tag_OctetString) + throw new IOException("Unexpected tag: " + + wECPoint.getTag()); + params = P11ECKeyFactory.decodeParameters + (attributes[1].getByteArray()); w = P11ECKeyFactory.decodePoint - (attributes[0].getByteArray(), params.getCurve()); + (wECPoint.getDataBytes(), params.getCurve()); + + } catch (Exception e) { throw new RuntimeException("Could not parse key values", e); }
24-02-2010
PUBLIC COMMENTS See http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/82b80660cac3
24-02-2010
EVALUATION Yes.
22-02-2010