Per NIST SP 800-56A Rev 3 (section 5.7.1), the shared secret cannot be 1 or (p - 1). This update adds this validation in the JDK provider implementation.
No new regression test, simple update and hard to construct a shared secret of 1 or (p - 1). ------------- Commit messages: - 8264329: Z cannot be 1 for Diffie-Hellman key agreement Changes: https://git.openjdk.java.net/jdk/pull/3232/files Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=3232&range=00 Issue: https://bugs.openjdk.java.net/browse/JDK-8264329 Stats: 10 lines in 1 file changed: 8 ins; 0 del; 2 mod Patch: https://git.openjdk.java.net/jdk/pull/3232.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/3232/head:pull/3232 PR: https://git.openjdk.java.net/jdk/pull/3232
