On 7/11/2018 9:12 AM, Adam Petcher wrote:
On 7/11/2018 12:02 PM, Xuelei Fan wrote:
Does it make sense if secret is not temporarily stored as a class filed?
I agree that it's a bit strange, but it is organized this way because of
the zero result check described in the RFC. If the result of the key
agreement is zero, then that means that the public key is invalid. So we
compute the shared secret early in engineDoPhase so we can throw an
InvalidKeyException at the correct time. Then the computed secret is
kept around so it can be returned by engineGenerateSecret.
I see.
Thanks,
Xuelei
