From 96686409ddf2283651c1b7b50b2ac8c76731c7ab Mon Sep 17 00:00:00 2001 From: Zainab Fatmi Date: Wed, 3 Aug 2022 15:13:34 -0400 Subject: [PATCH] Fix race condition when creating the native pointer for an EC key Signed-off-by: Zainab Fatmi --- .../sun/security/ec/ECPrivateKeyImpl.java | 22 ++++++++++--------- .../sun/security/ec/ECPublicKeyImpl.java | 22 ++++++++++--------- 2 files changed, 24 insertions(+), 20 deletions(-) diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java index c7e4b7d8450..afbbc0aeb6e 100644 --- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java +++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java @@ -232,9 +232,10 @@ boolean isECFieldF2m() { * @return the native EC public key context pointer or -1 on error */ long getNativePtr() { - if (nativeECKey == 0x0) { + if (this.nativeECKey == 0x0) { synchronized (this) { - if (nativeECKey == 0x0) { + if (this.nativeECKey == 0x0) { + long nativePointer; ECPoint generator = this.params.getGenerator(); EllipticCurve curve = this.params.getCurve(); ECField field = curve.getField(); @@ -247,23 +248,24 @@ long getNativePtr() { byte[] p = new byte[0]; if (field instanceof ECFieldFp) { p = ((ECFieldFp)field).getP().toByteArray(); - nativeECKey = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); + nativePointer = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); } else if (field instanceof ECFieldF2m) { p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray(); - nativeECKey = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); + nativePointer = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); } else { - nativeECKey = -1; + nativePointer = -1; } - if (nativeECKey != -1) { - nativeCrypto.createECKeyCleaner(this, nativeECKey); + if (nativePointer != -1) { + nativeCrypto.createECKeyCleaner(this, nativePointer); byte[] value = this.getS().toByteArray(); - if (nativeCrypto.ECCreatePrivateKey(nativeECKey, value, value.length) == -1) { - nativeECKey = -1; + if (nativeCrypto.ECCreatePrivateKey(nativePointer, value, value.length) == -1) { + nativePointer = -1; } } + this.nativeECKey = nativePointer; } } } - return nativeECKey; + return this.nativeECKey; } } diff --git a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPublicKeyImpl.java b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPublicKeyImpl.java index ce9f7bcbdf9..0847e71531b 100644 --- a/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPublicKeyImpl.java +++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/ECPublicKeyImpl.java @@ -153,9 +153,10 @@ boolean isECFieldF2m() { * @return the native EC public key context pointer or -1 on error */ long getNativePtr() { - if (nativeECKey == 0x0) { + if (this.nativeECKey == 0x0) { synchronized (this) { - if (nativeECKey == 0x0) { + if (this.nativeECKey == 0x0) { + long nativePointer; ECPoint generator = this.params.getGenerator(); EllipticCurve curve = this.params.getCurve(); ECField field = curve.getField(); @@ -169,25 +170,26 @@ long getNativePtr() { int fieldType = 0; if (field instanceof ECFieldFp) { p = ((ECFieldFp)field).getP().toByteArray(); - nativeECKey = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); + nativePointer = nativeCrypto.ECEncodeGFp(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); } else if (field instanceof ECFieldF2m) { fieldType = 1; p = ((ECFieldF2m)field).getReductionPolynomial().toByteArray(); - nativeECKey = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); + nativePointer = nativeCrypto.ECEncodeGF2m(a, a.length, b, b.length, p, p.length, gx, gx.length, gy, gy.length, n, n.length, h, h.length); } else { - nativeECKey = -1; + nativePointer = -1; } - if (nativeECKey != -1) { - nativeCrypto.createECKeyCleaner(this, nativeECKey); + if (nativePointer != -1) { + nativeCrypto.createECKeyCleaner(this, nativePointer); byte[] x = this.w.getAffineX().toByteArray(); byte[] y = this.w.getAffineY().toByteArray(); - if (nativeCrypto.ECCreatePublicKey(nativeECKey, x, x.length, y, y.length, fieldType) == -1) { - nativeECKey = -1; + if (nativeCrypto.ECCreatePublicKey(nativePointer, x, x.length, y, y.length, fieldType) == -1) { + nativePointer = -1; } } + this.nativeECKey = nativePointer; } } } - return nativeECKey; + return this.nativeECKey; } }