RFR: 8261502: ECDHKeyAgreement: Allows alternate ECPrivateKey impl and revised exception handling [v2]

Anthony Scarpino ascarpino at openjdk.java.net
Fri Mar 19 20:34:41 UTC 2021

On Thu, 18 Mar 2021 17:06:21 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:

>> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>>   Simpler fix for ECPrivateKey
> src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java line 211:
>> 209:         try {
>> 210:             result = deriveKeyImpl(privateKey, privateKeyOps, publicKey);
>> 211:         } catch (Exception e) {
> Why such a broad exception catch here?  It looks like deriveKeyImpl is only explicitly throwing IKE.  Are there other unchecked exceptions that you're trying to snag here that I'm missing in the deriveKeyImpl below?

Just being cautious and wrapping anything.  Maybe there will be some exceptions in the math methods that throw could exceptions.


PR: https://git.openjdk.java.net/jdk/pull/2659

More information about the security-dev mailing list