Remove validate methods

ibmruntimes · May 23, 2024 · ad9afa1 · ad9afa1
1 parent 5455299
commit ad9afa1
Showing 1 changed file with 0 additions and 74 deletions.
diff --git a/closed/src/jdk.crypto.ec/share/classes/sun/security/ec/NativeECDHKeyAgreement.java b/closed/src/jdk.crypto.ec/share/classes/sun/security/ec/NativeECDHKeyAgreement.java
@@ -31,7 +31,6 @@
 
 package sun.security.ec;
 
-import java.math.BigInteger;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.Key;
@@ -43,9 +42,7 @@
 import java.security.interfaces.ECPublicKey;
 import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.ECParameterSpec;
-import java.security.spec.EllipticCurve;
 import java.util.Map;
-import java.util.Optional;
 import java.util.concurrent.ConcurrentHashMap;
 
 import javax.crypto.KeyAgreementSpi;
@@ -55,11 +52,6 @@
 
 import jdk.crypto.jniprovider.NativeCrypto;
 
-import sun.security.ec.point.AffinePoint;
-import sun.security.ec.point.Point;
-import sun.security.util.ArrayUtil;
-import sun.security.util.math.ImmutableIntegerModuloP;
-
 /**
  * Native KeyAgreement implementation for ECDH.
  */
@@ -74,9 +66,6 @@ public final class NativeECDHKeyAgreement extends KeyAgreementSpi {
     /* private key, if initialized */
     private ECPrivateKeyImpl privateKey;
 
-    /* operations associated with private key, if initialized */
-    private ECOperations privateKeyOps;
-
     /* public key, non-null between doPhase() & generateSecret() only */
     private ECPublicKeyImpl publicKey;
 
@@ -98,7 +87,6 @@ public NativeECDHKeyAgreement() {
     private void init(Key key)
             throws InvalidKeyException, InvalidAlgorithmParameterException {
         this.privateKey = null;
-        this.privateKeyOps = null;
         this.publicKey = null;
 
         if (!(key instanceof PrivateKey)) {
@@ -190,68 +178,6 @@ protected Key engineDoPhase(Key key, boolean lastPhase)
         }
     }
 
-    // Verify that x and y are integers in the interval [0, p - 1].
-    private static void validateCoordinate(BigInteger c, BigInteger mod)
-            throws InvalidKeyException {
-        if ((c.signum() < 0) || (c.compareTo(mod) >= 0)) {
-            throw new ProviderException("Invalid coordinate");
-        }
-    }
-
-    // Check whether a public key is valid, following the ECC
-    // Full Public-key Validation Routine (See section 5.6.2.3.3,
-    // NIST SP 800-56A Revision 3).
-    private static void validate(ECOperations ops, ECPublicKey key)
-            throws InvalidKeyException {
-        // Note: Per the NIST 800-56A specification, it is required
-        // to verify that the public key is not the identity element
-        // (point of infinity).  However, the point of infinity has no
-        // affine coordinates, although the point of infinity could
-        // be encoded.  Per IEEE 1363.3-2013 (see section A.6.4.1),
-        // the point of infinity is represented by a pair of
-        // coordinates (x, y) not on the curve.  For EC prime finite
-        // field (q = p^m), the point of infinity is (0, 0) unless
-        // b = 0; in which case it is (0, 1).
-        //
-        // It means that this verification could be covered by the
-        // validation that the public key is on the curve.  As will be
-        // verified in the following steps.
-
-        // Ensure that integers are in proper range.
-        BigInteger x = key.getW().getAffineX();
-        BigInteger y = key.getW().getAffineY();
-        BigInteger p = ops.getField().getSize();
-        validateCoordinate(x, p);
-        validateCoordinate(y, p);
-
-        ECParameterSpec spec = key.getParams();
-
-        // Ensure the point is on the curve.
-        EllipticCurve curve = spec.getCurve();
-        BigInteger rhs = x.modPow(BigInteger.valueOf(3), p)
-                          .add(curve.getA().multiply(x))
-                          .add(curve.getB())
-                          .mod(p);
-        BigInteger lhs = y.modPow(BigInteger.TWO, p);
-        if (!rhs.equals(lhs)) {
-            throw new ProviderException("Point is not on curve");
-        }
-
-        // Check the order of the point.
-        //
-        // Compute nQ (using elliptic curve arithmetic), and verify that
-        // nQ is the identity element.
-        ImmutableIntegerModuloP xElem = ops.getField().getElement(x);
-        ImmutableIntegerModuloP yElem = ops.getField().getElement(y);
-        AffinePoint affP = new AffinePoint(xElem, yElem);
-        byte[] order = spec.getOrder().toByteArray();
-        ArrayUtil.reverse(order);
-        Point product = ops.multiply(affP, order);
-        if (!ops.isNeutral(product)) {
-            throw new ProviderException("Point has incorrect order");
-        }
-    }
-
     @Override
     protected byte[] engineGenerateSecret() throws IllegalStateException {
         if (this.javaImplementation != null) {