RFR: 8360564: Implement JEP 524: PEM Encodings of Cryptographic Objects (Second Preview)

Anthony Scarpino ascarpino at openjdk.org
Mon Sep 15 18:51:56 UTC 2025


On Fri, 12 Sep 2025 18:33:53 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> src/java.base/share/classes/sun/security/ec/ECPrivateKeyImpl.java line 255:
>> 
>>> 253:                     if (seq.data.available() != 0) {
>>> 254:                         DerValue derValue = seq.data.getDerValue();
>>> 255:                         if (derValue.isContextSpecific((byte) 1)) {
>> 
>> If any of these `if`s is false `null` is returned. Would you rather throw an IAE?
>
> I see there could be a
> 
> parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL,
> 
> Shall we skip it?

This only checks if one is available in the private key material. If there is none, null is fine.

The domain parameters are kept as part of the private key SEC1v2 encoding and can be read when generating a private key with a KeyFactory. Translating the encoding could be error-prone, and maybe incompatible.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2349784363
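
The optional-field handling discussed in this message, as an added example that is not JDK code and not part of the original post: a hand-rolled DER walk over a SEC1 `ECPrivateKey` that skips `parameters [0]` without interpreting it and returns the `publicKey [1]` contents, or `null` when the field is absent. The class and method names are hypothetical, the reader stands in for the JDK's internal `DerValue`, the layout assumed is the explicitly tagged one from RFC 5915, and the sample bytes are constructed, not a real key.

```java
import java.nio.ByteBuffer;
import java.util.HexFormat;

public class Sec1OptionalPublicKey {
    // Read one DER TLV with the given tag and return a view of its value.
    static ByteBuffer tlv(ByteBuffer in, int tag) {
        if ((in.get() & 0xff) != tag)
            throw new IllegalArgumentException("unexpected tag");
        int len = in.get() & 0xff;
        if (len >= 0x80) {                       // long-form length
            int n = len & 0x7f;
            if (n == 0 || n > 2) throw new IllegalArgumentException("bad length");
            for (len = 0; n > 0; n--) len = (len << 8) | (in.get() & 0xff);
        }
        if (len > in.remaining()) throw new IllegalArgumentException("truncated");
        ByteBuffer value = in.slice().limit(len);
        in.position(in.position() + len);
        return value;
    }

    // Peek at the next tag without consuming it.
    static boolean nextIs(ByteBuffer in, int tag) {
        return in.hasRemaining() && (in.get(in.position()) & 0xff) == tag;
    }

    // Returns the contents of publicKey [1], or null when the field is absent.
    static byte[] optionalPublicKey(byte[] der) {
        ByteBuffer seq = tlv(ByteBuffer.wrap(der), 0x30);
        tlv(seq, 0x02);                           // version
        tlv(seq, 0x04);                           // privateKey
        if (nextIs(seq, 0xA0)) tlv(seq, 0xA0);    // parameters [0]: skipped, not interpreted
        if (!nextIs(seq, 0xA1)) return null;      // no publicKey [1] present
        ByteBuffer bits = tlv(tlv(seq, 0xA1), 0x03);
        if (!bits.hasRemaining() || bits.get() != 0)   // unused-bits octet must be 0
            throw new IllegalArgumentException("bad BIT STRING");
        byte[] point = new byte[bits.remaining()];
        bits.get(point);
        return point;
    }

    public static void main(String[] args) {
        HexFormat hex = HexFormat.of();
        // Constructed sample bytes (not a real key): version, privateKey, [0] OID.
        String base = "020101" + "040401020304" + "a00a06082a8648ce3d030107";
        byte[] with = hex.parseHex("301e" + base + "a10703050004aabbcc");
        byte[] without = hex.parseHex("3015" + base);
        System.out.println(hex.formatHex(optionalPublicKey(with)));
        System.out.println(optionalPublicKey(without));
    }
}
```

In this sketch an absent `[1]` yields `null`, while a malformed BIT STRING inside a present `[1]` throws; that split is a choice of the example, not a statement of what the PR does.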

