From 226051a00a809cfbc212075fdefb65394d551f51 Mon Sep 17 00:00:00 2001
From: andrew <none@none>
Date: Thu, 10 Oct 2019 04:21:07 +0100
Subject: [PATCH] 8228825: Enhance ECDSA operations Reviewed-by: bae, bmathiske

---
 .../security/ssl/EllipticCurvesExtension.java | 19 +++++--------------
 1 file changed, 5 insertions(+), 14 deletions(-)

diff --git a/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java b/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java
index edaf8e211..70aa79ddd 100644
--- a/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java
+++ b/src/share/classes/sun/security/ssl/EllipticCurvesExtension.java
@@ -168,20 +168,11 @@ final class EllipticCurvesExtension extends HelloExtension {
                     "contains no supported elliptic curves");
             }
         } else {        // default curves
-            int[] ids;
-            if (requireFips) {
-                ids = new int[] {
-                    // only NIST curves in FIPS mode
-                    23, 24, 25, 9, 10, 11, 12, 13, 14,
-                };
-            } else {
-                ids = new int[] {
-                    // NIST curves first
-                    23, 24, 25, 9, 10, 11, 12, 13, 14,
-                    // non-NIST curves
-                    22,
-                };
-            }
+            int[] ids = new int[] {
+                // The three widely-used NIST curves:
+                // secp256r1, secp384r1 & secp521r1
+                23, 24, 25
+            };
 
             idList = new ArrayList<>(ids.length);
             for (int curveId : ids) {
-- 
GitLab