RFR 8205476: KeyAgreement#generateSecret is not reset for ECDH based algorithm
Michael StJohns
mstjohns at comcast.net
Thu Oct 18 00:40:41 UTC 2018
On 10/17/2018 4:45 PM, Adam Petcher wrote:
> Webrev: http://cr.openjdk.java.net/~apetcher/8205476/webrev.00/
> Bug: https://bugs.openjdk.java.net/browse/JDK-8205476
> CSR: https://bugs.openjdk.java.net/browse/JDK-8212051
>
> Please review the following change for a conformance bug in the ECDH
> service. The KeyAgreement is supposed to reset itself after the call
> to generateSecret, but it is not doing that. I'm also clarifying the
> spec, and this change has the new wording. The CSR was just submitted,
> and it will also need to be approved before this code change is pushed.
>
In ECDHKeyAgreement.java, suggest instead using a try-catch-finally
construct and place the nulling of the publicValue in the final block
rather than adding the two additional steps of assigning the result to a
temp array and nulling publicValue before returning the result. AFAICT,
there is no instance on which you would not erase the publicValue even
on error.
Mike
More information about the security-dev
mailing list