diff --git a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECKeyFactory.java b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECKeyFactory.java index f26ab6eb921..79daca151f1 100644 --- a/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECKeyFactory.java +++ b/src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2020, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -294,7 +294,13 @@ final class P11ECKeyFactory extends P11KeyFactory { try { token.p11.C_GetAttributeValue(session[0].id(), keyID, attributes); ECParameterSpec params = decodeParameters(attributes[1].getByteArray()); - ECPoint point = decodePoint(attributes[0].getByteArray(), params.getCurve()); + ECPoint point; + + if (!token.config.getUseEcX963Encoding()) { + point = decodePoint(new DerValue(attributes[0].getByteArray()).getOctetString(), params.getCurve()); + } else { + point = decodePoint(attributes[0].getByteArray(), params.getCurve()); + } return keySpec.cast(new ECPublicKeySpec(point, params)); } catch (IOException e) { throw new InvalidKeySpecException("Could not parse key", e); diff --git a/test/jdk/ProblemList.txt b/test/jdk/ProblemList.txt index 9dc6a663dd8..0bd8eb8f5ab 100644 --- a/test/jdk/ProblemList.txt +++ b/test/jdk/ProblemList.txt @@ -661,7 +661,6 @@ com/sun/nio/sctp/SctpChannel/SocketOptionTests.java 8141694 linux-al # jdk_security -sun/security/pkcs11/ec/TestKeyFactory.java 8026976 generic-all sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java 8161536 generic-all sun/security/tools/keytool/ListKeychainStore.sh 8156889 macosx-all