Mercurial > hg > icedtea7-forest > jdk
changeset 8543:a2e056f64643 jdk7u80-b11
Merge
author | asaha |
---|---|
date | Thu, 09 Apr 2015 21:30:59 -0700 |
parents | 3c3bbffc20ac (current diff) 643166b10b98 (diff) |
children | 98fc487eea72 |
files | .hgtags |
diffstat | 4 files changed, 28 insertions(+), 11 deletions(-) [+] |
line wrap: on
line diff
--- a/.hgtags Fri Feb 13 17:52:12 2015 +0000 +++ b/.hgtags Thu Apr 09 21:30:59 2015 -0700 @@ -565,6 +565,7 @@ f94dd20a1efaa3b0b4345992330dfe7cddae343b jdk7u79-b08 4fca88d471f4020266574064fa65787083ab1274 jdk7u79-b09 a476addbc2a4c88b34e5aacfe00bfc635f895c14 jdk7u79-b10 +fd0139b86bc186ebfc2715266b70da08b0af6132 jdk7u79-b11 f33e6ea5f4832468dd86a8d48ef50479ce91111e jdk7u80-b06 feb04280659bf05b567dc725ff53e2a2077bdbb7 jdk7u80-b07 f1334857fa99e6472870986b6071f9405c29ced4 jdk7u80-b08
--- a/src/share/classes/com/sun/crypto/provider/RSACipher.java Fri Feb 13 17:52:12 2015 +0000 +++ b/src/share/classes/com/sun/crypto/provider/RSACipher.java Thu Apr 09 21:30:59 2015 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -351,7 +351,7 @@ switch (mode) { case MODE_SIGN: data = padding.pad(buffer, 0, bufOfs); - return RSACore.rsa(data, privateKey); + return RSACore.rsa(data, privateKey, true); case MODE_VERIFY: byte[] verifyBuffer = RSACore.convert(buffer, 0, bufOfs); data = RSACore.rsa(verifyBuffer, publicKey); @@ -361,7 +361,7 @@ return RSACore.rsa(data, publicKey); case MODE_DECRYPT: byte[] decryptBuffer = RSACore.convert(buffer, 0, bufOfs); - data = RSACore.rsa(decryptBuffer, privateKey); + data = RSACore.rsa(decryptBuffer, privateKey, false); return padding.unpad(data); default: throw new AssertionError("Internal error");
--- a/src/share/classes/sun/security/rsa/RSACore.java Fri Feb 13 17:52:12 2015 +0000 +++ b/src/share/classes/sun/security/rsa/RSACore.java Thu Apr 09 21:30:59 2015 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -102,12 +102,24 @@ /** * Perform an RSA private key operation. Uses CRT if the key is a - * CRT key. + * CRT key with additional verification check after the signature + * is computed. */ + @Deprecated public static byte[] rsa(byte[] msg, RSAPrivateKey key) throws BadPaddingException { + return rsa(msg, key, true); + } + + /** + * Perform an RSA private key operation. Uses CRT if the key is a + * CRT key. Set 'verify' to true if this function is used for + * generating a signature. + */ + public static byte[] rsa(byte[] msg, RSAPrivateKey key, boolean verify) + throws BadPaddingException { if (key instanceof RSAPrivateCrtKey) { - return crtCrypt(msg, (RSAPrivateCrtKey)key); + return crtCrypt(msg, (RSAPrivateCrtKey)key, verify); } else { return priCrypt(msg, key.getModulus(), key.getPrivateExponent()); } @@ -148,10 +160,11 @@ * RSA private key operations with CRT. Algorithm and variable naming * are taken from PKCS#1 v2.1, section 5.1.2. */ - private static byte[] crtCrypt(byte[] msg, RSAPrivateCrtKey key) - throws BadPaddingException { + private static byte[] crtCrypt(byte[] msg, RSAPrivateCrtKey key, + boolean verify) throws BadPaddingException { BigInteger n = key.getModulus(); - BigInteger c = parseMsg(msg, n); + BigInteger c0 = parseMsg(msg, n); + BigInteger c = c0; BigInteger p = key.getPrimeP(); BigInteger q = key.getPrimeQ(); BigInteger dP = key.getPrimeExponentP(); @@ -184,6 +197,9 @@ if (ENABLE_BLINDING) { m = m.multiply(brp.v).mod(n); } + if (verify && !c0.equals(m.modPow(e, n))) { + throw new BadPaddingException("RSA private key operation failed"); + } return toByteArray(m, getByteLength(n)); }
--- a/src/share/classes/sun/security/rsa/RSASignature.java Fri Feb 13 17:52:12 2015 +0000 +++ b/src/share/classes/sun/security/rsa/RSASignature.java Thu Apr 09 21:30:59 2015 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -174,7 +174,7 @@ try { byte[] encoded = encodeSignature(digestOID, digest); byte[] padded = padding.pad(encoded); - byte[] encrypted = RSACore.rsa(padded, privateKey); + byte[] encrypted = RSACore.rsa(padded, privateKey, true); return encrypted; } catch (GeneralSecurityException e) { throw new SignatureException("Could not sign data", e);