On Sun, 28 Mar 2021 04:09:38 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
> Per NIST SP 800-56A Rev 3 (section 5.7.1), the shared secret cannot be 1 or > (p - 1). This update adds this validation in the JDK provider implementation. > > No new regression test, simple update and hard to construct a shared secret > of 1 or (p - 1). This pull request has now been integrated. Changeset: c986457f Author: Xue-Lei Andrew Fan <xue...@openjdk.org> URL: https://git.openjdk.java.net/jdk/commit/c986457f Stats: 11 lines in 1 file changed: 9 ins; 0 del; 2 mod 8264329: Z cannot be 1 for Diffie-Hellman key agreement Reviewed-by: wetmore ------------- PR: https://git.openjdk.java.net/jdk/pull/3232
