Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8234465

Encoded elliptic curve private keys should include the public point

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: Resolved
    • Priority: P4
    • Resolution: Fixed
    • Affects Version/s: 8
    • Fix Version/s: 15
    • Component/s: security-libs
    • Labels:

      Description

      A DESCRIPTION OF THE PROBLEM :
      According to RFC 5915 (https://tools.ietf.org/html/rfc5915), an ASN.1 encoded EC private key should contain the associated public key in the optional `publicKey` field.

      "Though the ASN.1 indicates publicKey is OPTIONAL, implementations that conform to this document SHOULD always include the publicKey field."

      EC private keys generated using the Sun EC provider omit this field. This would be acceptable / understandable in the case where the key was loaded from an external source or a keystore, as it would require some computation to obtain the public point.

      However when the key was generated by the Sun EC provider via `KeyPairGenerator.generateKeyPair().getPrivate()`, the public key is clearly available and could easily be included in the ASN.1 output without any computation. This would be a big help to consumers of such keys.


        Attachments

          Issue Links

            Activity

              People

              Assignee:
              weijun Weijun Wang
              Reporter:
              webbuggrp Webbug Group
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: