JavaScriptBench
diff --git a/‎src/java.base/share/classes/sun/security/util/ECUtil.java‎
Lines changed: 60 additions & 7 deletions b/‎src/java.base/share/classes/sun/security/util/ECUtil.java‎
Lines changed: 60 additions & 7 deletions
diff --git a/‎src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java‎
Lines changed: 2 additions & 77 deletions b/‎src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSASignature.java‎
Lines changed: 2 additions & 77 deletions
diff --git a/‎src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java‎
Lines changed: 51 additions & 0 deletions b/‎src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKey.java‎
Lines changed: 51 additions & 0 deletions
diff --git a/‎src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyStore.java‎
Lines changed: 3 additions & 3 deletions b/‎src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/CKeyStore.java‎
Lines changed: 3 additions & 3 deletions
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2006, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,17 +26,11 @@
 package sun.security.util;
 
 import java.io.IOException;
-
 import java.math.BigInteger;
-
 import java.security.*;
-
 import java.security.interfaces.*;
-
 import java.security.spec.*;
-
 import java.util.Arrays;
-
 import sun.security.x509.X509Key;
 
 public class ECUtil {
@@ -227,5 +221,64 @@ public static String getCurveName(Provider p, ECParameterSpec spec) {
         return nameSpec.getName();
     }
 
+    // Convert the concatenation R and S in into their DER encoding
+    public static byte[] encodeSignature(byte[] signature) throws SignatureException {
+
+        try {
+
+            int n = signature.length >> 1;
+            byte[] bytes = new byte[n];
+            System.arraycopy(signature, 0, bytes, 0, n);
+            BigInteger r = new BigInteger(1, bytes);
+            System.arraycopy(signature, n, bytes, 0, n);
+            BigInteger s = new BigInteger(1, bytes);
+
+            DerOutputStream out = new DerOutputStream(signature.length + 10);
+            out.putInteger(r);
+            out.putInteger(s);
+            DerValue result =
+                    new DerValue(DerValue.tag_Sequence, out.toByteArray());
+
+            return result.toByteArray();
+
+        } catch (Exception e) {
+            throw new SignatureException("Could not encode signature", e);
+        }
+    }
+
+    // Convert the DER encoding of R and S into a concatenation of R and S
+    public static byte[] decodeSignature(byte[] sig) throws SignatureException {
+
+        try {
+            // Enforce strict DER checking for signatures
+            DerInputStream in = new DerInputStream(sig, 0, sig.length, false);
+            DerValue[] values = in.getSequence(2);
+
+            // check number of components in the read sequence
+            // and trailing data
+            if ((values.length != 2) || (in.available() != 0)) {
+                throw new IOException("Invalid encoding for signature");
+            }
+
+            BigInteger r = values[0].getPositiveBigInteger();
+            BigInteger s = values[1].getPositiveBigInteger();
+
+            // trim leading zeroes
+            byte[] rBytes = trimZeroes(r.toByteArray());
+            byte[] sBytes = trimZeroes(s.toByteArray());
+            int k = Math.max(rBytes.length, sBytes.length);
+            // r and s each occupy half the array
+            byte[] result = new byte[k << 1];
+            System.arraycopy(rBytes, 0, result, k - rBytes.length,
+                    rBytes.length);
+            System.arraycopy(sBytes, 0, result, result.length - sBytes.length,
+                    sBytes.length);
+            return result;
+
+        } catch (Exception e) {
+            throw new SignatureException("Invalid encoding for signature", e);
+        }
+    }
+
     private ECUtil() {}
 }
@@ -25,9 +25,7 @@
 
 package sun.security.ec;
 
-import java.io.IOException;
 import java.nio.ByteBuffer;
-import java.math.BigInteger;
 
 import java.security.*;
 import java.security.interfaces.*;
@@ -453,7 +451,7 @@ protected byte[] engineSign() throws SignatureException {
         if (p1363Format) {
             return sig;
         } else {
-            return encodeSignature(sig);
+            return ECUtil.encodeSignature(sig);
         }
     }
 
@@ -476,7 +474,7 @@ protected boolean engineVerify(byte[] signature) throws SignatureException {
         if (p1363Format) {
             sig = signature;
         } else {
-            sig = decodeSignature(signature);
+            sig = ECUtil.decodeSignature(signature);
         }
 
         try {
@@ -515,79 +513,6 @@ protected AlgorithmParameters engineGetParameters() {
         return null;
     }
 
-    // Convert the concatenation of R and S into their DER encoding
-    private byte[] encodeSignature(byte[] signature) throws SignatureException {
-
-        try {
-
-            int n = signature.length >> 1;
-            byte[] bytes = new byte[n];
-            System.arraycopy(signature, 0, bytes, 0, n);
-            BigInteger r = new BigInteger(1, bytes);
-            System.arraycopy(signature, n, bytes, 0, n);
-            BigInteger s = new BigInteger(1, bytes);
-
-            DerOutputStream out = new DerOutputStream(signature.length + 10);
-            out.putInteger(r);
-            out.putInteger(s);
-            DerValue result =
-            new DerValue(DerValue.tag_Sequence, out.toByteArray());
-
-            return result.toByteArray();
-
-        } catch (Exception e) {
-            throw new SignatureException("Could not encode signature", e);
-        }
-    }
-
-    // Convert the DER encoding of R and S into a concatenation of R and S
-    private byte[] decodeSignature(byte[] sig) throws SignatureException {
-
-        try {
-            // Enforce strict DER checking for signatures
-            DerInputStream in = new DerInputStream(sig, 0, sig.length, false);
-            DerValue[] values = in.getSequence(2);
-
-            // check number of components in the read sequence
-            // and trailing data
-            if ((values.length != 2) || (in.available() != 0)) {
-                throw new IOException("Invalid encoding for signature");
-            }
-
-            BigInteger r = values[0].getPositiveBigInteger();
-            BigInteger s = values[1].getPositiveBigInteger();
-
-            // trim leading zeroes
-            byte[] rBytes = trimZeroes(r.toByteArray());
-            byte[] sBytes = trimZeroes(s.toByteArray());
-            int k = Math.max(rBytes.length, sBytes.length);
-            // r and s each occupy half the array
-            byte[] result = new byte[k << 1];
-            System.arraycopy(rBytes, 0, result, k - rBytes.length,
-            rBytes.length);
-            System.arraycopy(sBytes, 0, result, result.length - sBytes.length,
-            sBytes.length);
-            return result;
-
-        } catch (Exception e) {
-            throw new SignatureException("Invalid encoding for signature", e);
-        }
-    }
-
-    // trim leading (most significant) zeroes from the result
-    private static byte[] trimZeroes(byte[] b) {
-        int i = 0;
-        while ((i < b.length - 1) && (b[i] == 0)) {
-            i++;
-        }
-        if (i == 0) {
-            return b;
-        }
-        byte[] t = new byte[b.length - i];
-        System.arraycopy(b, i, t, 0, t.length);
-        return t;
-    }
-
     /**
      * Signs the digest using the private key.
      *
 
@@ -25,9 +25,13 @@
 
 package sun.security.mscapi;
 
+import sun.security.util.KeyUtil;
 import sun.security.util.Length;
 
+import java.math.BigInteger;
 import java.security.Key;
+import java.security.interfaces.ECPrivateKey;
+import java.security.interfaces.ECPublicKey;
 
 /**
  * The handle for a key using the Microsoft Crypto API.
@@ -100,4 +104,51 @@ public String getAlgorithm() {
     protected native static String getContainerName(long hCryptProv);
 
     protected native static String getKeyType(long hCryptKey);
+
+    // This java method generates EC BLOBs for public key or private key.
+    // See https://docs.microsoft.com/en-us/windows/desktop/api/bcrypt/ns-bcrypt-_bcrypt_ecckey_blob
+    static byte[] generateECBlob(Key k) {
+
+        int keyBitLength = KeyUtil.getKeySize(k);
+        int keyLen = (keyBitLength + 7) / 8;
+        boolean isPrivate = k instanceof ECPrivateKey;
+
+        byte[] keyBlob = new byte[8 + keyLen * (isPrivate ? 3 : 2)];
+        keyBlob[0] = 'E';
+        keyBlob[1] = 'C';
+        keyBlob[2] = 'S';
+        if (isPrivate) {
+            keyBlob[3] = (byte) (keyBitLength == 256 ? '2'
+                    : (keyBitLength == 384 ? '4' : '6'));
+        } else {
+            keyBlob[3] = (byte) (keyBitLength == 256 ? '1'
+                    : (keyBitLength == 384 ? '3' : '5'));
+        }
+        BigInteger x;
+        BigInteger y;
+        // Fill the array in reverse order (s -> y -> x -> len) in case
+        // one BigInteger encoding has an extra 0 at the beginning
+        if (isPrivate) {
+            // We can keep X and Y zero and it still works
+            ECPrivateKey prk = (ECPrivateKey)k;
+            BigInteger s = prk.getS();
+            byte[] bs = s.toByteArray();
+            System.arraycopy(
+                    bs, 0,
+                    keyBlob, 8 + keyLen + keyLen + keyLen - bs.length,
+                    bs.length);
+        } else {
+            ECPublicKey puk = (ECPublicKey)k;
+            x = puk.getW().getAffineX();
+            y = puk.getW().getAffineY();
+            byte[] by = y.toByteArray();
+            System.arraycopy(by, 0, keyBlob, 8 + keyLen + keyLen - by.length,
+                    by.length);
+            byte[] bx = x.toByteArray();
+            System.arraycopy(bx, 0, keyBlob, 8 + keyLen - bx.length, bx.length);
+        }
+        keyBlob[4] = (byte) keyLen;
+        keyBlob[5] = keyBlob[6] = keyBlob[7] = 0;
+        return keyBlob;
+    }
 }
@@ -759,12 +759,12 @@ private void generateCertificateChain(String alias,
     }
 
     /**
-     * Generates RSA key and certificate chain from the private key handle,
+     * Generates key and certificate chain from the private key handle,
      * collection of certificates and stores the result into key entries.
      * <p>
      * This method is called by native codes in security.cpp.
      */
-    private void generateRSAKeyAndCertificateChain(String alias,
+    private void generateKeyAndCertificateChain(boolean isRSA, String alias,
             long hCryptProv, long hCryptKey, int keyLength,
             Collection<? extends Certificate> certCollection) {
         try {
@@ -777,7 +777,7 @@ private void generateRSAKeyAndCertificateChain(String alias,
                 certChain[i] = (X509Certificate) iter.next();
             }
             storeWithUniqueAlias(alias, new KeyEntry(alias,
-                    CPrivateKey.of("RSA", hCryptProv, hCryptKey, keyLength),
+                    CPrivateKey.of(isRSA ? "RSA" : "EC", hCryptProv, hCryptKey, keyLength),
                     certChain));
         } catch (Throwable e) {
             // Ignore the exception and skip this entry