RFR: 8285493: ECC calculation error
Xue-Lei Andrew Fan
xuelei at openjdk.java.net
Wed Apr 27 06:31:37 UTC 2022
On Tue, 26 Apr 2022 21:02:49 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> Only numbers from the same modular fields can be involved in arithmetic calculations. Add `assert` to guarantee this.
>
> Also, found one broken case and rewrote it.
src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSAOperations.java line 261:
> 259: IntegerModuloP result = p1.asAffine().getX();
> 260: b2a(result, orderField, temp1);
> 261: return MessageDigest.isEqual(temp1, r);
I did not get the point of this update. Is it the broken case you mentioned in the PR description? What's the issue of the original code?
src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSAOperations.java line 261:
> 259: IntegerModuloP result = p1.asAffine().getX();
> 260: b2a(result, orderField, temp1);
> 261: return MessageDigest.isEqual(temp1, r);
I did not get the point of this update. Is it the broken case you mentioned in the PR description? What's the issue of the original code?
-------------
PR: https://git.openjdk.java.net/jdk/pull/8409
More information about the security-dev
mailing list