Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8213719

Both sect163r2 and sect163k1 are default curves for field size 163

    Details

    • Type: Bug
    • Status: Open
    • Priority: P5
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: tbd
    • Component/s: security-libs
    • Labels:
      None

      Description

      In src/java.base/share/classes/sun/security/util/CurveDB.java, we have

              add("sect163k1 [NIST K-163]", "1.3.132.0.1", BD,...
              add("sect163r2 [NIST B-163]", "1.3.132.0.15", BD,...
              add("sect233k1 [NIST K-233]", "1.3.132.0.26", BD,...
              add("sect233r1 [NIST B-233]", "1.3.132.0.27", B,...
              add("sect283k1 [NIST K-283]", "1.3.132.0.16", BD,...
              add("sect283r1 [NIST B-283]", "1.3.132.0.17", B,...
              add("sect409k1 [NIST K-409]", "1.3.132.0.36", BD,...
              add("sect409r1 [NIST B-409]", "1.3.132.0.37", B,...
              add("sect571k1 [NIST K-571]", "1.3.132.0.38", BD,...
              add("sect571r1 [NIST B-571]", "1.3.132.0.39", B,...

      So here for the same field size, NIST K-* always has a BD flag and the NIST B-* one does not have it, with only one exception -- NIST B-163 has BD. The result is that when KeyPairGenerator::init(fieldSize) is called, NIST B-163 is chosen for field size 163, and for the other field sizes where both NIST B-* and NIST K-* are available, the NIST K-* one is chosen.

      I wonder if this is a typo. There should only be one curve with the BD flag, otherwise, the final length->curve map will depend on the order of add() calls, which makes the flag useless.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              weijun Weijun Wang
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: