jdk-sandbox: comparison src/java.base/share/classes/sun/security/ssl/ECDHKeyExchange.java

equal deleted inserted replaced

-:bfcdcd00e4fb
+:a93b7b28f644
 import java.security.KeyPairGenerator;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.interfaces.ECPublicKey;
-import java.security.spec.ECGenParameterSpec;
 import java.security.spec.ECParameterSpec;
 import java.security.spec.ECPoint;
 import java.security.spec.ECPublicKeySpec;
 import java.util.EnumSet;
 import javax.crypto.KeyAgreement;
 import javax.crypto.SecretKey;
 import javax.net.ssl.SSLHandshakeException;
-import sun.security.ssl.NamedGroup.NamedGroupType;
+import sun.security.ssl.NamedGroup.NamedGroupSpec;
 import sun.security.ssl.SupportedGroupsExtension.SupportedGroups;
 import sun.security.ssl.X509Authentication.X509Credentials;
 import sun.security.ssl.X509Authentication.X509Possession;
 import sun.security.ssl.XDHKeyExchange.XDHECredentials;
 import sun.security.ssl.XDHKeyExchange.XDHEPossession;
 }
 static ECDHECredentials valueOf(NamedGroup namedGroup,
 byte[] encodedPoint) throws IOException, GeneralSecurityException {
-if (namedGroup.type != NamedGroupType.NAMED_GROUP_ECDHE) {
+if (namedGroup.spec != NamedGroupSpec.NAMED_GROUP_ECDHE) {
 throw new RuntimeException(
 "Credentials decoding:  Not ECDHE named group");
 }
 if (encodedPoint == null || encodedPoint.length == 0) {
 return null;
 }
 ECParameterSpec parameters =
-ECUtil.getECParameterSpec(null, namedGroup.oid);
+(ECParameterSpec)namedGroup.keAlgParamSpec;
-if (parameters == null) {
-return null;
-}
 ECPoint point = ECUtil.decodePoint(
 encodedPoint, parameters.getCurve());
 KeyFactory factory = KeyFactory.getInstance("EC");
 ECPublicKey publicKey = (ECPublicKey)factory.generatePublic(
 new ECPublicKeySpec(point, parameters));
 final NamedGroup namedGroup;
 ECDHEPossession(NamedGroup namedGroup, SecureRandom random) {
 try {
 KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
-ECGenParameterSpec params =
+kpg.initialize(namedGroup.keAlgParamSpec, random);
-(ECGenParameterSpec)namedGroup.getParameterSpec();
-kpg.initialize(params, random);
 KeyPair kp = kpg.generateKeyPair();
 privateKey = kp.getPrivate();
 publicKey = (ECPublicKey)kp.getPublic();
 } catch (GeneralSecurityException e) {
 throw new RuntimeException(
 if ((context.clientRequestedNamedGroups != null) &&
 (!context.clientRequestedNamedGroups.isEmpty())) {
 preferableNamedGroup = SupportedGroups.getPreferredGroup(
 context.negotiatedProtocol,
 context.algorithmConstraints,
-new NamedGroupType[] {
+new NamedGroupSpec[] {
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-NamedGroupType.NAMED_GROUP_XDH },
+NamedGroupSpec.NAMED_GROUP_XDH },
 context.clientRequestedNamedGroups);
 } else {
 preferableNamedGroup = SupportedGroups.getPreferredGroup(
 context.negotiatedProtocol,
 context.algorithmConstraints,
-new NamedGroupType[] {
+new NamedGroupSpec[] {
-NamedGroupType.NAMED_GROUP_ECDHE,
+NamedGroupSpec.NAMED_GROUP_ECDHE,
-NamedGroupType.NAMED_GROUP_XDH });
+NamedGroupSpec.NAMED_GROUP_XDH });
 }
 if (preferableNamedGroup != null) {
 return preferableNamedGroup.createPossession(
 context.sslContext.getSecureRandom());
 continue;
 }
 NamedGroup ng = NamedGroup.valueOf(params);
 if (ng == null) {
-// unlikely, have been checked during cipher suite negotiation.
+// unlikely, have been checked during cipher suite
+// negotiation.
 throw shc.conContext.fatal(Alert.ILLEGAL_PARAMETER,
 "Unsupported EC server cert for ECDH key exchange");
 }
 for (SSLCredentials cred : shc.handshakeCredentials) {
 "No sufficient ECDHE/XDH key agreement " +
 "parameters negotiated");
 }
 String alg;
-switch (namedGroup.type) {
+switch (namedGroup.spec) {
 case NAMED_GROUP_ECDHE:
 alg = "ECDH";
 break;
 case NAMED_GROUP_XDH:
 alg = "XDH";

changeset 57718	a93b7b28f644
parent 55353	946f7f2d321c
child 58679	9c3209ff7550