RFR 8234465: Encoded elliptic curve private keys should include the public point
Weijun Wang
weijun.wang at oracle.com
Tue Dec 10 09:45:48 UTC 2019
Please review the code change at
http://cr.openjdk.java.net/~weijun/8234465/webrev.00/
The fix is mostly inside ECPrivateKeyImpl. When an EC keypair is newly generated, a copy of the ECPoint of the public key is put inside the private key. This ECPoint can be stored in a PKCS #8 file. When reading from a PKCS #8 file, it can also be loaded.
Since the ECPrivateKey class interface and the ECPrivateKeySpec spec do not have the public ECPoint, an ECPrivateKeyImpl will not have this info when created from these sources. So it's still optional. I haven't tried to calculate it.
Thanks,
Max
More information about the security-dev
mailing list