
Commit 8b4566b

committed
correctly encode EC points to bytes
1 parent bc30597 commit 8b4566b


2 files changed

+29
-4
lines changed

2 files changed

+29
-4
lines changed

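--- a/src/main/java/org/jruby/ext/openssl/PKeyEC.java
+++ b/src/main/java/org/jruby/ext/openssl/PKeyEC.java
@@ -907,15 +907,31 @@ static byte[] encode(final ECPublicKey pubKey) {
 }
 
 private static byte[] encode(final int bitLength, final ECPoint point) {
-int keyLengthBytes = bitLength / 8;
-byte[] encoded = new byte[1 + 2 * keyLengthBytes];
+if ( point == ECPoint.POINT_INFINITY ) return new byte[1];
+
+final int bytesLength = (bitLength + 7) / 8;
+byte[] encoded = new byte[1 + bytesLength + bytesLength];
 
 encoded[0] = 0x04;
 
-System.arraycopy(point.getAffineX().toByteArray(), 0, encoded, 1, keyLengthBytes);
-System.arraycopy(point.getAffineY().toByteArray(), 0, encoded, 1 + keyLengthBytes, keyLengthBytes);
+addIntBytes(point.getAffineX(), bytesLength, encoded, 1);
+addIntBytes(point.getAffineY(), bytesLength, encoded, 1 + bytesLength);
 
 return encoded;
 }
 
+private static void addIntBytes(BigInteger i, final int length, final byte[] dest, final int destOffset) {
+final byte[] bytes = i.toByteArray();
+
+if (length < bytes.length) {
+System.arraycopy(bytes, bytes.length - length, dest, destOffset, length);
+}
+else if (length > bytes.length) {
+System.arraycopy(bytes, 0, dest, destOffset + (length - bytes.length), bytes.length);
+}
+else {
+System.arraycopy(bytes, 0, dest, destOffset, length);
+}
+}
+
 }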
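Review bot: In `addIntBytes`, the `length < bytes.length` branch keeps only the low `length` bytes and discards the rest without checking what is being dropped. That is correct when the surplus is the single 0x00 sign byte that `BigInteger.toByteArray()` prepends, but a coordinate wider than the field, or a negative value, would be silently truncated into the encoding of a different point. A guard at the top of the method such as `if (i.signum() < 0 || i.bitLength() > length * 8) throw new IllegalArgumentException("EC coordinate does not fit in " + length + " bytes");` would make that case fail loudly instead. A short comment on `encode` stating the layout (`0x04 || X || Y`, each coordinate left-padded to `bytesLength`, and a single zero byte for the point at infinity) would also help; where `bitLength` is derived is outside this hunk.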

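--- a/src/test/ruby/ec/test_ec.rb
+++ b/src/test/ruby/ec/test_ec.rb
@@ -51,6 +51,15 @@ def test_read_pem2
 #puts signature.inspect
 end
 
+def test_point
+group = OpenSSL::PKey::EC::Group.new('prime256v1')
+client_public_key_bn = OpenSSL::BN.new('58089019511196532477248433747314139754458690644712400444716868601190212265537817278966641566813745621284958192417192818318052462970895792919572995957754854')
+
+binary = "\x04U\x1D6|\xA9\x14\eC\x13\x99b\x96\x9B\x94f\x8F\xB0o\xE2\xD3\xBC%\x8E\xE0Xn\xF2|R\x99b\xBD\xBFB\x8FS\xCF\x13\x7F\x8C\x03N\x96\x9D&\xB2\xE1\xBDQ\b\xCE\x94!s\x06.\xC5?\x96\xC7q\xDA\x8B\xE6"
+client_public_key = OpenSSL::PKey::EC::Point.new(group, client_public_key_bn)
+assert_equal binary, client_public_key.to_bn.to_s(2)
+end
+
 require File.expand_path('base64.rb', File.dirname(__FILE__))
 
 def test_encrypt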
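Review bot: `test_point` checks a single prime256v1 point, and judging by the expected bytes (X begins with 0x55, Y with 0xBF) it appears to reach only the equal-length and sign-byte-stripping paths of the new encoder. The left-padding branch for a coordinate shorter than the field size and the point-at-infinity return are not exercised. Neither is a curve whose bit length is not a multiple of 8, such as secp521r1, which is the case the `(bitLength + 7) / 8` rounding in the Java change addresses. Consider adding cases for those, for example a round trip along the lines of `assert_equal bn, OpenSSL::PKey::EC::Point.new(group, bn).to_bn` on a secp521r1 group, and a point with a coordinate that has a leading zero byte.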
