search

ibmruntimes / openj9-openjdk-jdk

Extensions for OpenJDK for Eclipse OpenJ9
GNU General Public License v2.0
17 stars 73 forks source link

Add additional checks to NativeECDHKeyAgreement to match upstream #788

Closed KostasTsiounis closed 4 months ago

KostasTsiounis commented 4 months ago

There are additional checks that are required during the init and doPhase parts of ECDH key agreement. Those checks are already present in the original ECDHKeyAgreement class, so they had to be added to the NativeECDHKeyAgreement class as well.

Both the private and public key are, also, set to null at the beginning of the initialization, regardless of the method's outcome, meaning that in case of failure the previous keys cannot be used. This is new in JDK23.

Fixes: https://github.com/eclipse-openj9/openj9/issues/19437

Signed-off by: Kostas Tsiounis kostas.tsiounis@ibm.com

keithc-ca commented 4 months ago

Jenkins test sanity zlinux jdknext

keithc-ca commented 4 months ago

The two test failures (java.security.manager) in a grinder seem unrelated to this change.

pshipton commented 4 months ago

@keithc-ca pls see the backports