JDK-8201317 : X25519/X448 code improvements
- Type: Enhancement
- Component: security-libs
- Sub-Component: javax.crypto
- Affected Version: 8,11,12
- Priority: P4
- Status: Resolved
- Resolution: Fixed
- Submitted: 2018-04-09
- Updated: 2020-01-13
- Resolved: 2018-08-29
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 11 | JDK 12 | JDK 7 | JDK 8 | Other |
|---|---|---|---|---|
| 11.0.2Fixed | 12 b09Fixed  |
7u231Fixed | 8u221Fixed |
openjdk7uFixed |
Description
The following suggestions were made late in the X25519/X448 code development cycle, and the changes did not make it in time for code review: 1) Ensure that the contract for methods that take array arguments is properly specified and/or checked. For example IntegerPolynomial::addLimbs/conditionalSwap take two arrays, but it is not stated/checked that these arrays must have the same length. 2) In XDHKeyAgreement::engineGenerateSecret, use secure coding guidelines style to prevent overflow. Change: if (offset + secretLen > sharedSecret.length) ... to if (secretLen > sharedSecret.length - offset) ... Or perhaps Math.addExact can be used here.
Comments
|