RFR 8234465: Encoded elliptic curve private keys should include the public point

Weijun Wang weijun.wang at oracle.com
Tue Dec 10 09:45:48 UTC 2019

Please review the code change at


The fix is mostly inside ECPrivateKeyImpl. When an EC keypair is newly generated, a copy of the ECPoint of the public key is put inside the private key. This ECPoint can be stored in a PKCS #8 file. When reading from a PKCS #8 file, it can also be loaded.

Since the ECPrivateKey class interface and the ECPrivateKeySpec spec do not have the public ECPoint, an ECPrivateKeyImpl will not have this info when created from these sources. So it's still optional. I haven't tried to calculate it.


More information about the security-dev mailing list