Mercurial > hg > release > icedtea7-forest-2.4 > jdk
changeset 7340:ede97ca55490
8037162: More robust DH exchanges
Reviewed-by: weijun, asmotrak, ahgross, robm
| author | xuelei |
|---|---|
| date | Wed, 26 Mar 2014 03:45:30 +0000 |
| parents | 68c6f18ee89d |
| children | e4ad481e9503 |
| files | src/share/classes/sun/security/util/KeyUtil.java |
| diffstat | 1 files changed, 11 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/util/KeyUtil.java Tue Mar 25 11:28:26 2014 -0700 +++ b/src/share/classes/sun/security/util/KeyUtil.java Wed Mar 26 03:45:30 2014 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2012, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -198,7 +198,16 @@ "Diffie-Hellman public key is too large"); } - // Don't bother to check against the y^q mod p if safe primes are used. + // y^q mod p == 1? + // Unable to perform this check as q is unknown in this circumstance. + + // p is expected to be prime. However, it is too expensive to check + // that p is prime. Instead, in order to mitigate the impact of + // non-prime values, we check that y is not a factor of p. + BigInteger r = p.remainder(y); + if (r.equals(BigInteger.ZERO)) { + throw new InvalidKeyException("Invalid Diffie-Hellman parameters"); + } } /**