-
Type:
Enhancement
-
Resolution: Unresolved
-
Priority:
P4
-
Affects Version/s: None
-
Component/s: security-libs
-
None
Currently EC keys points are verified during signature operations. It has be speculated that checking those points when the key is created from the KeyFactory maybe appropriate.
When SunEC operations were done by libsunec.so, key verification occurred during signature operations. When libsunec.so was removed, the same behavior was maintained. Adding a check during KeyFactory generation is unlikely to be a compatibility risk as no new exceptions are required. But could cause exceptions is new places for applications that were built to expecting the old style.
When SunEC operations were done by libsunec.so, key verification occurred during signature operations. When libsunec.so was removed, the same behavior was maintained. Adding a check during KeyFactory generation is unlikely to be a compatibility risk as no new exceptions are required. But could cause exceptions is new places for applications that were built to expecting the old style.