7198901: correct the field size check when decoding a point on ECC curve
Reviewed-by: xuelei
--- a/jdk/src/share/classes/sun/security/ec/ECParameters.java Tue Sep 18 17:38:43 2012 +0800
+++ b/jdk/src/share/classes/sun/security/ec/ECParameters.java Tue Sep 18 11:08:48 2012 +0100
@@ -87,8 +87,10 @@
if ((data.length == 0) || (data[0] != 4)) {
throw new IOException("Only uncompressed point format supported");
}
- int n = data.length / 2;
- if (n > ((curve.getField().getFieldSize() + 7 ) >> 3)) {
+ // Per ANSI X9.62, an encoded point is a 1 byte type followed by
+ // ceiling(log base 2 field-size / 8) bytes of x and the same of y.
+ int n = (data.length - 1) / 2;
+ if (n != ((curve.getField().getFieldSize() + 7 ) >> 3)) {
throw new IOException("Point does not match field size");
}
byte[] xb = new byte[n];
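Review bot: The new equality test on `n` still admits an encoding with one surplus trailing byte, because `(data.length - 1) / 2` rounds down: for a field of k bytes, lengths 2k+1 and 2k+2 both give n == k. Checking the total length closes that gap and leaves exactly one accepted uncompressed encoding per point, e.g. `int n = (curve.getField().getFieldSize() + 7) >> 3;` followed by `if (data.length != 2 * n + 1) {`. The added comment would also read more precisely as "ceiling(field size in bits / 8) bytes", which is what `getFieldSize()` is used for here. How the surplus byte is treated depends on the copy code after `byte[] xb = new byte[n];`, which lies outside the hunk, as do the start and end of the enclosing method.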