Please update ecdh.md

Open Xor-el opened this issue 7 years ago • 0 comments

Hi, First of all I want to commend the nice job you all are doing. Just wanted to inform you that bouncy castle (at least the GitHub version) is no longer vulnerable to the ecdh bug (the one that has to do with multiplying keys without first verifying they are on the same curve).

You can refer to the source

https://github.com/bcgit/bc-java/blob/d159aa822b3325aa391380c1825e9a4deecbe629/core/src/main/java/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java#L57

Regards.

Aug 16 '18 00:08 Xor-el