Re: RFR 8205476: KeyAgreement#generateSecret is not reset for ECDH based algorithm
The copyrights should be updated. Otherwise, looks good. --Sean On 10/17/18 4:45 PM, Adam Petcher wrote: Webrev: http://cr.openjdk.java.net/~apetcher/8205476/webrev.00/ Bug: https://bugs.openjdk.java.net/browse/JDK-8205476 CSR: https://bugs.openjdk.java.net/browse/JDK-8212051 Please review the following change for a conformance bug in the ECDH service. The KeyAgreement is supposed to reset itself after the call to generateSecret, but it is not doing that. I'm also clarifying the spec, and this change has the new wording. The CSR was just submitted, and it will also need to be approved before this code change is pushed.
Re: RFR 8205476: KeyAgreement#generateSecret is not reset for ECDH based algorithm
On 10/17/2018 4:45 PM, Adam Petcher wrote: Webrev: http://cr.openjdk.java.net/~apetcher/8205476/webrev.00/ Bug: https://bugs.openjdk.java.net/browse/JDK-8205476 CSR: https://bugs.openjdk.java.net/browse/JDK-8212051 Please review the following change for a conformance bug in the ECDH service. The KeyAgreement is supposed to reset itself after the call to generateSecret, but it is not doing that. I'm also clarifying the spec, and this change has the new wording. The CSR was just submitted, and it will also need to be approved before this code change is pushed. In ECDHKeyAgreement.java, suggest instead using a try-catch-finally construct and place the nulling of the publicValue in the final block rather than adding the two additional steps of assigning the result to a temp array and nulling publicValue before returning the result. AFAICT, there is no instance on which you would not erase the publicValue even on error. Mike
RFR 8205476: KeyAgreement#generateSecret is not reset for ECDH based algorithm
Webrev: http://cr.openjdk.java.net/~apetcher/8205476/webrev.00/ Bug: https://bugs.openjdk.java.net/browse/JDK-8205476 CSR: https://bugs.openjdk.java.net/browse/JDK-8212051 Please review the following change for a conformance bug in the ECDH service. The KeyAgreement is supposed to reset itself after the call to generateSecret, but it is not doing that. I'm also clarifying the spec, and this change has the new wording. The CSR was just submitted, and it will also need to be approved before this code change is pushed.
