On 10/18/2017 5:58 AM, Tobias Wagner wrote:
Hi,

yes, from what we know your understanding is correct. The NIST curve secp384r1 
is using these functions but seems not to be affected because of its prime. Any 
other curve will probably be affected.

Regards
Tobias

Stupid question. Given that this came over from NSS and that NSS had reported the error, has anyone checked the rest of the NSS-reported errors/fixes for EC for porting to the JDK?

Mike

-----Original Message-----
From: Adam Petcher <adam.petc...@oracle.com>
Sent: Tue 17 October 2017 22:26
To: security-dev@openjdk.java.net
Subject: Re: Arithmetic error in SunEC

On 10/17/2017 4:55 AM, Tobias Wagner wrote:

Hi,

we found an error in the GF(p) arithmetic of SunEC, while adding
support for Brainpool curves in ECDHE for TLS connections as
suggested in RFC 7027.
<snip>

Thanks! I created JDK-8189594[1] to track this issue. My understanding
is that this error doesn't cause any bugs in the existing JDK code, but
it may cause bugs if we add new curves that use this optimization. If I
am wrong about this, please let me know.

[1] https://bugs.openjdk.java.net/browse/JDK-8189594

Regards
Tobias


