8206915: XDH TCK issues

Fixing a couple of conformance issues in XDH Reviewed-by: mullan
2026-03-15 18:33:41 +00:00 · 2018-07-13 10:42:30 -04:00 · 2018-07-13 10:42:30 -04:00 · b2f4d61fb9
commit b2f4d61fb9
parent 6dc1ccac6b
2 changed files with 29 additions and 12 deletions
--- a/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHKeyAgreement.java
+++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHKeyAgreement.java
@ -69,13 +69,15 @@ public class XDHKeyAgreement extends KeyAgreementSpi {

        initImpl(key);

-        // the private key parameters must match params
-        XECParameters xecParams = XECParameters.get(
-            InvalidAlgorithmParameterException::new, params);
-        if (!xecParams.oidEquals(this.ops.getParameters())) {
-            throw new InvalidKeyException(
-                "Incorrect private key parameters"
-            );
+        // the private key parameters must match params, if present
+        if (params != null) {
+            XECParameters xecParams = XECParameters.get(
+                InvalidAlgorithmParameterException::new, params);
+            if (!xecParams.oidEquals(this.ops.getParameters())) {
+                throw new InvalidKeyException(
+                    "Incorrect private key parameters"
+                );
+            }
        }
    }

@ -171,7 +173,9 @@ public class XDHKeyAgreement extends KeyAgreementSpi {
            throw new IllegalStateException("Not initialized correctly");
        }

-        return secret.clone();
+        byte[] result = secret;
+        secret = null;
+        return result;
    }

    @Override
@ -189,7 +193,8 @@ public class XDHKeyAgreement extends KeyAgreementSpi {
        }

        System.arraycopy(this.secret, 0, sharedSecret, offset, secretLen);
-        return secret.length;
+        secret = null;
+        return secretLen;
    }

    @Override
--- a/test/jdk/sun/security/ec/xec/TestXDH.java
+++ b/test/jdk/sun/security/ec/xec/TestXDH.java
@ -23,7 +23,7 @@

 /*
 * @test
- * @bug 8171277
+ * @bug 8171277 8206915
 * @summary Test XDH key agreement
 * @library /test/lib
 * @build jdk.test.lib.Convert
@ -66,15 +66,17 @@ public class TestXDH {
        throws Exception {

        KeyPairGenerator kpg = KeyPairGenerator.getInstance(name);
+        AlgorithmParameterSpec paramSpec = null;
        if (param instanceof Integer) {
            kpg.initialize((Integer) param);
        } else if (param instanceof String) {
-            kpg.initialize(new NamedParameterSpec((String) param));
+            paramSpec = new NamedParameterSpec((String) param);
+            kpg.initialize(paramSpec);
        }
        KeyPair kp = kpg.generateKeyPair();

        KeyAgreement ka = KeyAgreement.getInstance(name);
-        ka.init(kp.getPrivate());
+        ka.init(kp.getPrivate(), paramSpec);
        ka.doPhase(kp.getPublic(), true);

        byte[] secret = ka.generateSecret();
@ -96,6 +98,16 @@ public class TestXDH {
            throw new RuntimeException("Arrays not equal");
        }

+        // make sure generateSecret() resets the state to after init()
+        try {
+            ka.generateSecret();
+            throw new RuntimeException("generateSecret does not reset state");
+        } catch (IllegalStateException ex) {
+            // do nothing---this is expected
+        }
+        ka.doPhase(pubKey, true);
+        ka.generateSecret();
+
        // test with XDH key specs
        XECPublicKeySpec xdhPublic =
            kf.getKeySpec(kp.getPublic(), XECPublicKeySpec.class);