7187962: sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey doesn't check if params is null
authormullan
Fri, 10 Aug 2012 09:12:12 -0400
changeset 13555 fb41599cf196
parent 13408 7b1c9c089326
child 13556 75cea698d282
7187962: sun.security.pkcs11.P11DSAKeyFactory.implTranslatePublicKey doesn't check if params is null Reviewed-by: valeriep
jdk/src/share/classes/sun/security/provider/certpath/BasicChecker.java
--- a/jdk/src/share/classes/sun/security/provider/certpath/BasicChecker.java	Thu Aug 02 18:12:18 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/certpath/BasicChecker.java	Fri Aug 10 09:12:12 2012 -0400
@@ -101,6 +101,14 @@
     public void init(boolean forward) throws CertPathValidatorException {
         if (!forward) {
             prevPubKey = trustedPubKey;
+            if (prevPubKey instanceof DSAPublicKey &&
+                ((DSAPublicKey)prevPubKey).getParams() == null)
+            {
+                // If TrustAnchor is a DSA public key and it has no params, it
+                // cannot be used to verify the signature of the first cert,
+                // so throw exception
+                throw new CertPathValidatorException("Key parameters missing");
+            }
             prevSubject = caName;
         } else {
             throw new
@@ -242,7 +250,7 @@
         }
         if (cKey instanceof DSAPublicKey &&
             ((DSAPublicKey)cKey).getParams() == null) {
-            //cKey needs to inherit DSA parameters from prev key
+            // cKey needs to inherit DSA parameters from prev key
             cKey = makeInheritedParamsKey(cKey, prevPubKey);
             if (debug != null) debug.println("BasicChecker.updateState Made " +
                                              "key with inherited params");
@@ -252,7 +260,7 @@
     }
 
     /**
-     * Internal method to create a new key with inherited key parameters
+     * Internal method to create a new key with inherited key parameters.
      *
      * @param keyValueKey key from which to obtain key value
      * @param keyParamsKey key from which to obtain key parameters
@@ -263,7 +271,6 @@
     static PublicKey makeInheritedParamsKey(PublicKey keyValueKey,
         PublicKey keyParamsKey) throws CertPathValidatorException
     {
-        PublicKey usableKey;
         if (!(keyValueKey instanceof DSAPublicKey) ||
             !(keyParamsKey instanceof DSAPublicKey))
             throw new CertPathValidatorException("Input key is not " +
@@ -279,13 +286,12 @@
                                                        params.getP(),
                                                        params.getQ(),
                                                        params.getG());
-            usableKey = kf.generatePublic(ks);
+            return kf.generatePublic(ks);
         } catch (GeneralSecurityException e) {
             throw new CertPathValidatorException("Unable to generate key with" +
                                                  " inherited parameters: " +
                                                  e.getMessage(), e);
         }
-        return usableKey;
     }
 
     /**