> This fix adds an EC private key range check for the scalar value to be within > the range [1, n-1] (n being the order of the generator) for the SunEC ECDSA > Signature algorithms and ECDH KeyAgreement algorithms. While the SunEC > KeyGenerator for EC keys will not generate private keys that sit outside the > accepted range, it is possible to create and attempt to use ECPrivateKey > objects that violate this range through a KeyFactory. > > JBS: https://bugs.openjdk.java.net/browse/JDK-8272385
Jamil Nimeh has updated the pull request incrementally with one additional commit since the last revision: change checkPrivateKey signature to return ECPrivateKey instead of void ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/5324/files - new: https://git.openjdk.java.net/jdk/pull/5324/files/864b9aaf..15696f21 Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=5324&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=5324&range=00-01 Stats: 6 lines in 1 file changed: 4 ins; 0 del; 2 mod Patch: https://git.openjdk.java.net/jdk/pull/5324.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/5324/head:pull/5324 PR: https://git.openjdk.java.net/jdk/pull/5324