On Wed, 1 Sep 2021 04:17:23 GMT, Jamil Nimeh <jni...@openjdk.org> wrote:
> This fix adds an EC private key range check for the scalar value to be within > the range [1, n-1] (n being the order of the generator) for the SunEC ECDSA > Signature algorithms and ECDH KeyAgreement algorithms. While the SunEC > KeyGenerator for EC keys will not generate private keys that sit outside the > accepted range, it is possible to create and attempt to use ECPrivateKey > objects that violate this range through a KeyFactory. > > JBS: https://bugs.openjdk.java.net/browse/JDK-8272385 Looks good to me ------------- Marked as reviewed by ascarpino (Reviewer). PR: https://git.openjdk.java.net/jdk/pull/5324