ECDH 近期的变化


ECDH 与非动态生成的密钥对的使用已得到简化。 现在,可以使用预选的私钥调用 ecdh.setPrivateKey(),并且关联的公钥(密钥)将被计算并存储在对象中。 这允许代码仅存储和提供 EC 密钥对的私有部分。 ecdh.setPrivateKey() 现在还验证私钥对所选曲线是否有效。

ecdh.setPublicKey() 方法现在已被弃用,因为它包含在 API 中没有用。 要么应设置先前存储的私钥,它会自动生成关联的公钥,要么应调用 ecdh.generateKeys()。 使用 ecdh.setPublicKey() 的主要缺点是它可用于将 ECDH 密钥对置于不一致的状态。

Usage of ECDH with non-dynamically generated key pairs has been simplified. Now, ecdh.setPrivateKey() can be called with a preselected private key and the associated public point (key) will be computed and stored in the object. This allows code to only store and provide the private part of the EC key pair. ecdh.setPrivateKey() now also validates that the private key is valid for the selected curve.

The ecdh.setPublicKey() method is now deprecated as its inclusion in the API is not useful. Either a previously stored private key should be set, which automatically generates the associated public key, or ecdh.generateKeys() should be called. The main drawback of using ecdh.setPublicKey() is that it can be used to put the ECDH key pair into an inconsistent state.