1 |
# HG changeset patch |
2 |
# User andrew |
3 |
# Date 1453866306 0 |
4 |
# Wed Jan 27 03:45:06 2016 +0000 |
5 |
# Node ID 0ff7720931e8dbf7de25720bdc93b18527ab89e8 |
6 |
# Parent 48c15869ecd568263249af4b9a4e98d4e57f9a8f |
7 |
PR2127: SunEC provider crashes when built using system NSS |
8 |
Summary: Use NSS memory management functions |
9 |
|
10 |
diff -r 48c15869ecd5 -r 0ff7720931e8 src/share/native/sun/security/ec/ECC_JNI.cpp |
11 |
--- openjdk/jdk/src/share/native/sun/security/ec/ECC_JNI.cpp Wed Jan 27 02:54:06 2016 +0000 |
12 |
+++ openjdk/jdk/src/share/native/sun/security/ec/ECC_JNI.cpp Wed Jan 27 03:45:06 2016 +0000 |
13 |
@@ -32,6 +32,13 @@ |
14 |
#define INVALID_PARAMETER_EXCEPTION \ |
15 |
"java/security/InvalidParameterException" |
16 |
#define KEY_EXCEPTION "java/security/KeyException" |
17 |
+#define INTERNAL_ERROR "java/lang/InternalError" |
18 |
+ |
19 |
+#ifdef SYSTEM_NSS |
20 |
+#define SYSTEM_UNUSED(x) UNUSED(x) |
21 |
+#else |
22 |
+#define SYSTEM_UNUSED(x) x |
23 |
+#endif |
24 |
|
25 |
extern "C" { |
26 |
|
27 |
@@ -49,8 +56,13 @@ |
28 |
/* |
29 |
* Deep free of the ECParams struct |
30 |
*/ |
31 |
-void FreeECParams(ECParams *ecparams, jboolean freeStruct) |
32 |
+void FreeECParams(ECParams *ecparams, jboolean SYSTEM_UNUSED(freeStruct)) |
33 |
{ |
34 |
+#ifdef SYSTEM_NSS |
35 |
+ // Needs to be freed using the matching method to the one |
36 |
+ // that allocated it. PR_TRUE means the memory is zeroed. |
37 |
+ PORT_FreeArena(ecparams->arena, PR_TRUE); |
38 |
+#else |
39 |
// Use B_FALSE to free the SECItem->data element, but not the SECItem itself |
40 |
// Use B_TRUE to free both |
41 |
|
42 |
@@ -64,6 +76,7 @@ |
43 |
SECITEM_FreeItem(&ecparams->curveOID, B_FALSE); |
44 |
if (freeStruct) |
45 |
free(ecparams); |
46 |
+#endif |
47 |
} |
48 |
|
49 |
jbyteArray getEncodedBytes(JNIEnv *env, SECItem *hSECItem) |
50 |
@@ -108,6 +121,13 @@ |
51 |
goto cleanup; |
52 |
} |
53 |
|
54 |
+#ifdef SYSTEM_NSS |
55 |
+ if (SECOID_Init() != SECSuccess) { |
56 |
+ ThrowException(env, INTERNAL_ERROR); |
57 |
+ goto cleanup; |
58 |
+ } |
59 |
+#endif |
60 |
+ |
61 |
// Fill a new ECParams using the supplied OID |
62 |
if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) { |
63 |
/* bad curve OID */ |
64 |
@@ -163,16 +183,26 @@ |
65 |
if (params_item.data) { |
66 |
env->ReleaseByteArrayElements(encodedParams, |
67 |
(jbyte *) params_item.data, JNI_ABORT); |
68 |
+#ifdef SYSTEM_NSS |
69 |
+ if (SECOID_Shutdown() != SECSuccess) { |
70 |
+ ThrowException(env, INTERNAL_ERROR); |
71 |
+ } |
72 |
+#endif |
73 |
} |
74 |
if (ecparams) { |
75 |
FreeECParams(ecparams, true); |
76 |
} |
77 |
if (privKey) { |
78 |
FreeECParams(&privKey->ecParams, false); |
79 |
+#ifndef SYSTEM_NSS |
80 |
+ // The entire ECPrivateKey is allocated in the arena |
81 |
+ // when using system NSS, so only the in-tree version |
82 |
+ // needs to clear these manually. |
83 |
SECITEM_FreeItem(&privKey->version, B_FALSE); |
84 |
SECITEM_FreeItem(&privKey->privateValue, B_FALSE); |
85 |
SECITEM_FreeItem(&privKey->publicValue, B_FALSE); |
86 |
free(privKey); |
87 |
+#endif |
88 |
} |
89 |
|
90 |
if (pSeedBuffer) { |
91 |
@@ -223,6 +253,13 @@ |
92 |
goto cleanup; |
93 |
} |
94 |
|
95 |
+#ifdef SYSTEM_NSS |
96 |
+ if (SECOID_Init() != SECSuccess) { |
97 |
+ ThrowException(env, INTERNAL_ERROR); |
98 |
+ goto cleanup; |
99 |
+ } |
100 |
+#endif |
101 |
+ |
102 |
// Fill a new ECParams using the supplied OID |
103 |
if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) { |
104 |
/* bad curve OID */ |
105 |
@@ -270,6 +307,11 @@ |
106 |
if (params_item.data) { |
107 |
env->ReleaseByteArrayElements(encodedParams, |
108 |
(jbyte *) params_item.data, JNI_ABORT); |
109 |
+#ifdef SYSTEM_NSS |
110 |
+ if (SECOID_Shutdown() != SECSuccess) { |
111 |
+ ThrowException(env, INTERNAL_ERROR); |
112 |
+ } |
113 |
+#endif |
114 |
} |
115 |
if (privKey.privateValue.data) { |
116 |
env->ReleaseByteArrayElements(privateKey, |
117 |
@@ -336,6 +378,13 @@ |
118 |
goto cleanup; |
119 |
} |
120 |
|
121 |
+#ifdef SYSTEM_NSS |
122 |
+ if (SECOID_Init() != SECSuccess) { |
123 |
+ ThrowException(env, INTERNAL_ERROR); |
124 |
+ goto cleanup; |
125 |
+ } |
126 |
+#endif |
127 |
+ |
128 |
// Fill a new ECParams using the supplied OID |
129 |
if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) { |
130 |
/* bad curve OID */ |
131 |
@@ -356,9 +405,15 @@ |
132 |
|
133 |
cleanup: |
134 |
{ |
135 |
- if (params_item.data) |
136 |
+ if (params_item.data) { |
137 |
env->ReleaseByteArrayElements(encodedParams, |
138 |
(jbyte *) params_item.data, JNI_ABORT); |
139 |
+#ifdef SYSTEM_NSS |
140 |
+ if (SECOID_Shutdown() != SECSuccess) { |
141 |
+ ThrowException(env, INTERNAL_ERROR); |
142 |
+ } |
143 |
+#endif |
144 |
+ } |
145 |
|
146 |
if (pubKey.publicValue.data) |
147 |
env->ReleaseByteArrayElements(publicKey, |
148 |
@@ -419,6 +474,13 @@ |
149 |
goto cleanup; |
150 |
} |
151 |
|
152 |
+#ifdef SYSTEM_NSS |
153 |
+ if (SECOID_Init() != SECSuccess) { |
154 |
+ ThrowException(env, INTERNAL_ERROR); |
155 |
+ goto cleanup; |
156 |
+ } |
157 |
+#endif |
158 |
+ |
159 |
// Fill a new ECParams using the supplied OID |
160 |
if (EC_DecodeParams(¶ms_item, &ecparams, 0) != SECSuccess) { |
161 |
/* bad curve OID */ |
162 |
@@ -460,9 +522,15 @@ |
163 |
env->ReleaseByteArrayElements(publicKey, |
164 |
(jbyte *) publicValue_item.data, JNI_ABORT); |
165 |
|
166 |
- if (params_item.data) |
167 |
+ if (params_item.data) { |
168 |
env->ReleaseByteArrayElements(encodedParams, |
169 |
(jbyte *) params_item.data, JNI_ABORT); |
170 |
+#ifdef SYSTEM_NSS |
171 |
+ if (SECOID_Shutdown() != SECSuccess) { |
172 |
+ ThrowException(env, INTERNAL_ERROR); |
173 |
+ } |
174 |
+#endif |
175 |
+ } |
176 |
|
177 |
if (ecparams) |
178 |
FreeECParams(ecparams, true); |