Mercurial > hg > icedtea7-forest-aarch64 > jdk

changeset 8240:610eb1b5fd0b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
PR2135: Race condition in SunEC provider with system NSS
author andrew
date Tue, 09 Dec 2014 18:04:39 +0000
parents 9ed0bdd5de2a
children ccdc37cdfaa8
files make/sun/security/ec/Makefile make/sun/security/ec/mapfile-vers src/share/classes/sun/security/ec/SunEC.java src/share/native/sun/security/ec/ECC_JNI.cpp
diffstat 4 files changed, 45 insertions(+), 49 deletions(-) [+]
line wrap: on
line diff
--- a/make/sun/security/ec/Makefile	Fri Dec 05 09:52:04 2014 +0000
+++ b/make/sun/security/ec/Makefile	Tue Dec 09 18:04:39 2014 +0000
@@ -158,7 +158,8 @@
   FILES_export = \
       $(PKGDIR)/ECDHKeyAgreement.java \
       $(PKGDIR)/ECDSASignature.java \
-      $(PKGDIR)/ECKeyPairGenerator.java
+      $(PKGDIR)/ECKeyPairGenerator.java \
+      $(PKGDIR)/SunEC.java
 
   JAVAHFLAGS = -bootclasspath \
     "$(CLASSDESTDIR)$(CLASSPATH_SEPARATOR)$(CLASSBINDIR)$(JCE_PATH)"
--- a/make/sun/security/ec/mapfile-vers	Fri Dec 05 09:52:04 2014 +0000
+++ b/make/sun/security/ec/mapfile-vers	Tue Dec 09 18:04:39 2014 +0000
@@ -31,6 +31,8 @@
 		Java_sun_security_ec_ECDSASignature_signDigest;
 		Java_sun_security_ec_ECDSASignature_verifySignedDigest;
 		Java_sun_security_ec_ECDHKeyAgreement_deriveKey;
+		Java_sun_security_ec_SunEC_initialize;
+		Java_sun_security_ec_SunEC_cleanup;
         local:
                 *;
 };
--- a/src/share/classes/sun/security/ec/SunEC.java	Fri Dec 05 09:52:04 2014 +0000
+++ b/src/share/classes/sun/security/ec/SunEC.java	Tue Dec 09 18:04:39 2014 +0000
@@ -58,6 +58,7 @@
             AccessController.doPrivileged(new PrivilegedAction<Void>() {
                 public Void run() {
                     System.loadLibrary("sunec"); // check for native library
+                    initialize();
                     return null;
                 }
             });
@@ -81,4 +82,22 @@
         }
     }
 
+    /**
+     * Cleanup native resources during finalisation.
+     */
+    @Override
+    protected void finalize() {
+        cleanup();
+    }
+
+    /**
+     * Initialize the native code.
+     */
+    private static native void initialize();
+
+    /**
+     * Cleanup in the native layer.
+     */
+    private static native void cleanup();
+
 }
--- a/src/share/native/sun/security/ec/ECC_JNI.cpp	Fri Dec 05 09:52:04 2014 +0000
+++ b/src/share/native/sun/security/ec/ECC_JNI.cpp	Tue Dec 09 18:04:39 2014 +0000
@@ -116,13 +116,6 @@
     params_item.data =
         (unsigned char *) env->GetByteArrayElements(encodedParams, 0);
 
-#ifdef SYSTEM_NSS
-    if (SECOID_Init() != SECSuccess) {
-	ThrowException(env, INTERNAL_ERROR);
-	goto cleanup;
-    }
-#endif
-
     // Fill a new ECParams using the supplied OID
     if (EC_DecodeParams(&params_item, &ecparams, 0) != SECSuccess) {
         /* bad curve OID */
@@ -178,11 +171,6 @@
         if (params_item.data) {
             env->ReleaseByteArrayElements(encodedParams,
                 (jbyte *) params_item.data, JNI_ABORT);
-#ifdef SYSTEM_NSS
-	    if (SECOID_Shutdown() != SECSuccess) {
-		ThrowException(env, INTERNAL_ERROR);
-	    }
-#endif
         }
 
         if (ecparams) {
@@ -246,13 +234,6 @@
     params_item.data =
         (unsigned char *) env->GetByteArrayElements(encodedParams, 0);
 
-#ifdef SYSTEM_NSS
-    if (SECOID_Init() != SECSuccess) {
-	ThrowException(env, INTERNAL_ERROR);
-	goto cleanup;
-    }
-#endif
-
     // Fill a new ECParams using the supplied OID
     if (EC_DecodeParams(&params_item, &ecparams, 0) != SECSuccess) {
         /* bad curve OID */
@@ -294,11 +275,6 @@
         if (params_item.data) {
             env->ReleaseByteArrayElements(encodedParams,
                 (jbyte *) params_item.data, JNI_ABORT);
-#ifdef SYSTEM_NSS
-	    if (SECOID_Shutdown() != SECSuccess) {
-		ThrowException(env, INTERNAL_ERROR);
-	    }
-#endif
         }
 
         if (privKey.privateValue.data) {
@@ -367,13 +343,6 @@
     params_item.data =
         (unsigned char *) env->GetByteArrayElements(encodedParams, 0);
 
-#ifdef SYSTEM_NSS
-    if (SECOID_Init() != SECSuccess) {
-	ThrowException(env, INTERNAL_ERROR);
-	goto cleanup;
-    }
-#endif
-
     // Fill a new ECParams using the supplied OID
     if (EC_DecodeParams(&params_item, &ecparams, 0) != SECSuccess) {
         /* bad curve OID */
@@ -397,11 +366,6 @@
         if (params_item.data) {
             env->ReleaseByteArrayElements(encodedParams,
                 (jbyte *) params_item.data, JNI_ABORT);
-#ifdef SYSTEM_NSS
-	    if (SECOID_Shutdown() != SECSuccess) {
-		ThrowException(env, INTERNAL_ERROR);
-	    }
-#endif
 	}
 
         if (pubKey.publicValue.data)
@@ -451,13 +415,6 @@
     params_item.data =
         (unsigned char *) env->GetByteArrayElements(encodedParams, 0);
 
-#ifdef SYSTEM_NSS
-    if (SECOID_Init() != SECSuccess) {
-	ThrowException(env, INTERNAL_ERROR);
-	goto cleanup;
-    }
-#endif
-
     // Fill a new ECParams using the supplied OID
     if (EC_DecodeParams(&params_item, &ecparams, 0) != SECSuccess) {
         /* bad curve OID */
@@ -499,11 +456,6 @@
         if (params_item.data) {
             env->ReleaseByteArrayElements(encodedParams,
                 (jbyte *) params_item.data, JNI_ABORT);
-#ifdef SYSTEM_NSS
-	    if (SECOID_Shutdown() != SECSuccess) {
-		ThrowException(env, INTERNAL_ERROR);
-	    }
-#endif
 	}
 
         if (ecparams)
@@ -513,4 +465,26 @@
     return jSecret;
 }
 
+JNIEXPORT void
+JNICALL Java_sun_security_ec_SunEC_initialize
+  (JNIEnv *env, jclass UNUSED(clazz))
+{
+#ifdef SYSTEM_NSS
+    if (SECOID_Init() != SECSuccess) {
+	ThrowException(env, INTERNAL_ERROR);
+    }
+#endif
+}
+
+JNIEXPORT void
+JNICALL Java_sun_security_ec_SunEC_cleanup
+  (JNIEnv *env, jclass UNUSED(clazz))
+{
+#ifdef SYSTEM_NSS
+    if (SECOID_Shutdown() != SECSuccess) {
+	ThrowException(env, INTERNAL_ERROR);
+    }
+#endif
+}
+
 } /* extern "C" */