RFR: 8261502: ECDHKeyAgreement: Allows alternate ECPrivateKey impl and revised exception handling [v2]
Anthony Scarpino
ascarpino at openjdk.java.net
Fri Mar 19 20:34:41 UTC 2021
On Thu, 18 Mar 2021 17:06:21 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:
>> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Simpler fix for ECPrivateKey
>
> src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java line 211:
>
>> 209: try {
>> 210: result = deriveKeyImpl(privateKey, privateKeyOps, publicKey);
>> 211: } catch (Exception e) {
>
> Why such a broad exception catch here? It looks like deriveKeyImpl is only explicitly throwing IKE. Are there other unchecked exceptions that you're trying to snag here that I'm missing in the deriveKeyImpl below?
Just being cautious and wrapping anything. Maybe there will be some exceptions in the math methods that throw could exceptions.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2659
More information about the security-dev
mailing list