RFR 8182999: SunEC throws ProviderException on invalid curves

Seán Coffey sean.coffey at oracle.com
Fri Jul 7 20:12:53 UTC 2017


Adam,

would it be useful to get the curve name in the new exception ? I think 
it would help with future debugging. Line 96 already gets the curve name 
if we're dealing with ECGenParameterSpec instance. I think the same 
approach could be applied to your new code.

Regards,
Sean.


On 07/07/2017 19:59, Adam Petcher wrote:
> This is a bug fix related to invalid curves in the SunEC provider. 
> During ECKeyPairGenerator.initialize(), the provider only checks 
> whether the curve is known, but it doesn't check whether the curve is 
> actually supported by the native code. So the call to 
> generateKeyPair() can fail in the native code and throw a 
> ProviderException. This change adds a new native method to check 
> whether the curve is supported. This method is called by initialize(), 
> which will set the state to uninitialized and throw the expected 
> exception when the curve is not supported.
>
> JBS: https://bugs.openjdk.java.net/browse/JDK-8182999
> Webrev: http://cr.openjdk.java.net/~apetcher/8182999/webrev.00/
>



More information about the security-dev mailing list