Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8272385

Enforce ECPrivateKey d value to be in the range [1, n-1] for SunEC provider

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P3 P3
    • 18
    • None
    • security-libs
    • None

      Per ANSI X9.62 and FIPS 186-4 the private key for EC should sit in the range [1, n-1] where "n" is the order of the generator for the curve.

      In the SunEC Provider, if an ECPrivateKey is created with a value that exceeds the order of the generator then a Signature can still be performed.

            jnimeh Jamil Nimeh
            jnimeh Jamil Nimeh
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: