src/java.base/share/classes/sun/security/ssl/XDHKeyExchange.java

rev 54061 : 8226374: Restrict TLS signature schemes and named groups
Reviewed-by: mullan

@@ -27,11 +27,11 @@
 import java.io.IOException;
 import java.math.BigInteger;
 import java.security.*;
 import java.security.interfaces.XECPublicKey;
 import java.security.spec.*;
-import sun.security.ssl.NamedGroup.NamedGroupType;
+import sun.security.ssl.NamedGroup.NamedGroupSpec;
 import sun.security.util.*;
 
 /**
  * Specifics for XEC/XDH Keys/Exchanges
  */

@@ -66,11 +66,11 @@
          */
         static XDHECredentials valueOf(NamedGroup namedGroup,
                 byte[] encodedPoint) throws IOException,
                 GeneralSecurityException {
 
-            if (namedGroup.type != NamedGroupType.NAMED_GROUP_XDH) {
+            if (namedGroup.spec != NamedGroupSpec.NAMED_GROUP_XDH) {
                 throw new RuntimeException(
                         "Credentials decoding:  Not XDH named group");
             }
 
             if (encodedPoint == null || encodedPoint.length == 0) {

@@ -99,12 +99,11 @@
 
         XDHEPossession(NamedGroup namedGroup, SecureRandom random) {
             try {
                 KeyPairGenerator kpg
                         = JsseJce.getKeyPairGenerator(namedGroup.algorithm);
-                AlgorithmParameterSpec params = namedGroup.getParameterSpec();
-                kpg.initialize(params, random);
+                kpg.initialize(namedGroup.keAlgParamSpec, random);
                 KeyPair kp = kpg.generateKeyPair();
                 privateKey = kp.getPrivate();
                 publicKey = (XECPublicKey) kp.getPublic();
             } catch (GeneralSecurityException e) {
                 throw new RuntimeException(