From db89805fe0329ba66fd29d97890af34a3633514d Mon Sep 17 00:00:00 2001 From: Ivan Gerasimov <igerasim@openjdk.org> Date: Fri, 18 Jan 2019 15:44:17 -0800 Subject: [PATCH] 8217344: Make comparison overflow-aware in ECDHKeyAgreement.engineGenerateSecret() Reviewed-by: apetcher --- .../share/classes/sun/security/ec/ECDHKeyAgreement.java | 4 ++-- .../share/classes/sun/security/ec/ECDSASignature.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java index 9540a2d0e7c..20558211f3e 100644 --- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java +++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -178,7 +178,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi { @Override protected int engineGenerateSecret(byte[] sharedSecret, int offset) throws IllegalStateException, ShortBufferException { - if (offset + secretLen > sharedSecret.length) { + if (secretLen > sharedSecret.length - offset) { throw new ShortBufferException("Need " + secretLen + " bytes, only " + (sharedSecret.length - offset) + " available"); diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java index 9a7a671b062..c207520a192 100644 --- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java +++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2019, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -163,7 +163,7 @@ abstract class ECDSASignature extends SignatureSpi { if (len <= 0) { return; } - if (offset + len >= precomputedDigest.length) { + if (len >= precomputedDigest.length - offset) { offset = RAW_ECDSA_MAX + 1; return; }