8206915: XDH TCK issues
Summary: Fixing a couple of conformance issues in XDH
Reviewed-by: mullan
--- a/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHKeyAgreement.java Fri Jul 13 15:44:54 2018 +0200
+++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHKeyAgreement.java Fri Jul 13 10:42:30 2018 -0400
@@ -69,13 +69,15 @@
initImpl(key);
- // the private key parameters must match params
- XECParameters xecParams = XECParameters.get(
- InvalidAlgorithmParameterException::new, params);
- if (!xecParams.oidEquals(this.ops.getParameters())) {
- throw new InvalidKeyException(
- "Incorrect private key parameters"
- );
+ // the private key parameters must match params, if present
+ if (params != null) {
+ XECParameters xecParams = XECParameters.get(
+ InvalidAlgorithmParameterException::new, params);
+ if (!xecParams.oidEquals(this.ops.getParameters())) {
+ throw new InvalidKeyException(
+ "Incorrect private key parameters"
+ );
+ }
}
}
@@ -171,7 +173,9 @@
throw new IllegalStateException("Not initialized correctly");
}
- return secret.clone();
+ byte[] result = secret;
+ secret = null;
+ return result;
}
@Override
@@ -189,7 +193,8 @@
}
System.arraycopy(this.secret, 0, sharedSecret, offset, secretLen);
- return secret.length;
+ secret = null;
+ return secretLen;
}
@Override
--- a/test/jdk/sun/security/ec/xec/TestXDH.java Fri Jul 13 15:44:54 2018 +0200
+++ b/test/jdk/sun/security/ec/xec/TestXDH.java Fri Jul 13 10:42:30 2018 -0400
@@ -23,7 +23,7 @@
/*
* @test
- * @bug 8171277
+ * @bug 8171277 8206915
* @summary Test XDH key agreement
* @library /test/lib
* @build jdk.test.lib.Convert
@@ -66,15 +66,17 @@
throws Exception {
KeyPairGenerator kpg = KeyPairGenerator.getInstance(name);
+ AlgorithmParameterSpec paramSpec = null;
if (param instanceof Integer) {
kpg.initialize((Integer) param);
} else if (param instanceof String) {
- kpg.initialize(new NamedParameterSpec((String) param));
+ paramSpec = new NamedParameterSpec((String) param);
+ kpg.initialize(paramSpec);
}
KeyPair kp = kpg.generateKeyPair();
KeyAgreement ka = KeyAgreement.getInstance(name);
- ka.init(kp.getPrivate());
+ ka.init(kp.getPrivate(), paramSpec);
ka.doPhase(kp.getPublic(), true);
byte[] secret = ka.generateSecret();
@@ -96,6 +98,16 @@
throw new RuntimeException("Arrays not equal");
}
+ // make sure generateSecret() resets the state to after init()
+ try {
+ ka.generateSecret();
+ throw new RuntimeException("generateSecret does not reset state");
+ } catch (IllegalStateException ex) {
+ // do nothing---this is expected
+ }
+ ka.doPhase(pubKey, true);
+ ka.generateSecret();
+
// test with XDH key specs
XECPublicKeySpec xdhPublic =
kf.getKeySpec(kp.getPublic(), XECPublicKeySpec.class);