changeset 5871:95a93f039e5c

7198901: correct the field size check when decoding a point on ECC curve Reviewed-by: xuelei
author vinnie
date Tue, 18 Sep 2012 11:08:48 +0100
parents 53ca38f76eaa
children bc5e7ec12717
files src/share/classes/sun/security/ec/ECParameters.java
diffstat 1 files changed, 4 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/ec/ECParameters.java	Tue Sep 18 17:38:43 2012 +0800
+++ b/src/share/classes/sun/security/ec/ECParameters.java	Tue Sep 18 11:08:48 2012 +0100
@@ -87,8 +87,10 @@
         if ((data.length == 0) || (data[0] != 4)) {
             throw new IOException("Only uncompressed point format supported");
         }
-        int n = data.length / 2;
-        if (n > ((curve.getField().getFieldSize() + 7 ) >> 3)) {
+        // Per ANSI X9.62, an encoded point is a 1 byte type followed by
+        // ceiling(log base 2 field-size / 8) bytes of x and the same of y.
+        int n = (data.length - 1) / 2;
+        if (n != ((curve.getField().getFieldSize() + 7 ) >> 3)) {
             throw new IOException("Point does not match field size");
         }
         byte[] xb = new byte[n];