RFR: 8261502: ECDHKeyAgreement: Allows alternate ECPrivateKey impl and revised exception handling [v2]
Jamil Nimeh
jnimeh at openjdk.java.net
Fri Mar 19 21:17:43 UTC 2021
On Fri, 19 Mar 2021 20:29:48 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> src/jdk.crypto.ec/share/classes/sun/security/ec/ECDHKeyAgreement.java line 211:
>>
>>> 209: try {
>>> 210: result = deriveKeyImpl(privateKey, privateKeyOps, publicKey);
>>> 211: } catch (Exception e) {
>>
>> Why such a broad exception catch here? It looks like deriveKeyImpl is only explicitly throwing IKE. Are there other unchecked exceptions that you're trying to snag here that I'm missing in the deriveKeyImpl below?
>
> Just being cautious and wrapping anything. Maybe there will be some exceptions in the math methods that throw could exceptions.
Fair enough. I'm OK to leave this as-is.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2659
More information about the security-dev
mailing list