8288508: Enhance ECDSA usage

Reviewed-by: mbalao, andrew
Backport-of: efd603063e60ca6861b41309445d7b8e20768d9b

Author: Aleksei Voitylov

jdk/src/share/native/sun/security/ec/impl/ec.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2007, 2022, Oracle and/or its affiliates. All rights reserved.
  * Use is subject to license terms.
  *
  * This library is free software; you can redistribute it and/or
@@ -924,6 +924,12 @@ ECDSA_VerifyDigest(ECPublicKey *key, const SECItem *signature,
     }
 
     ecParams = &(key->ecParams);
+
+    if (EC_ValidatePublicKey(ecParams, &key->publicValue, kmflag) != SECSuccess) {
+        PORT_SetError(SEC_ERROR_BAD_KEY);
+        goto cleanup;
+    }
+
     flen = (ecParams->fieldID.size + 7) >> 3;
     olen = ecParams->order.len;
     if (signature->len == 0 || signature->len%2 != 0 ||