< prev index next >
src/java.base/share/classes/sun/security/ssl/XDHKeyExchange.java
Print this page
rev 54061 : 8226374: Restrict TLS signature schemes and named groups
Reviewed-by: mullan
@@ -27,11 +27,11 @@
import java.io.IOException;
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.XECPublicKey;
import java.security.spec.*;
-import sun.security.ssl.NamedGroup.NamedGroupType;
+import sun.security.ssl.NamedGroup.NamedGroupSpec;
import sun.security.util.*;
/**
* Specifics for XEC/XDH Keys/Exchanges
*/
@@ -66,11 +66,11 @@
*/
static XDHECredentials valueOf(NamedGroup namedGroup,
byte[] encodedPoint) throws IOException,
GeneralSecurityException {
- if (namedGroup.type != NamedGroupType.NAMED_GROUP_XDH) {
+ if (namedGroup.spec != NamedGroupSpec.NAMED_GROUP_XDH) {
throw new RuntimeException(
"Credentials decoding: Not XDH named group");
}
if (encodedPoint == null || encodedPoint.length == 0) {
@@ -99,12 +99,11 @@
XDHEPossession(NamedGroup namedGroup, SecureRandom random) {
try {
KeyPairGenerator kpg
= JsseJce.getKeyPairGenerator(namedGroup.algorithm);
- AlgorithmParameterSpec params = namedGroup.getParameterSpec();
- kpg.initialize(params, random);
+ kpg.initialize(namedGroup.keAlgParamSpec, random);
KeyPair kp = kpg.generateKeyPair();
privateKey = kp.getPrivate();
publicKey = (XECPublicKey) kp.getPublic();
} catch (GeneralSecurityException e) {
throw new RuntimeException(
< prev index next >