Tolerate the optional fields in the ECPrivateKey sequence

The ECPrivateKey sequence defines two optional fields:
parameters and publicKey. When parsing an ECPrivateKey,
the code must allow cases where only one of these fields
is present, or where both are absent or where both are
presented.

In addition, it seems that java does not automatically
concatenate the cause’s message with the outer exception’s
message, the detailed message associated with the cause
is not merged into the current exception’s detail message.
Therefore, getMessage() is explicitly included when throwing
the exception in order to preserve and expose the underlying
error details.

Signed-off-by: JinhangZhang <Jinhang.Zhang@ibm.com>

Author: JinhangZhang

src/main/java/com/ibm/crypto/plus/provider/ECPrivateKey.java

@@ -87,7 +87,7 @@ final class ECPrivateKey extends PKCS8Key implements java.security.interfaces.EC
             this.ecKey = ECKey.createPrivateKey(provider.getOCKContext(), privateKeyBytes,
                     paramBytes, provider);
         } catch (Exception exception) {
-            throw new InvalidKeyException("Failed to create EC private key", exception);
+            throw new InvalidKeyException("Failed to create EC private key, " + exception.getMessage(), exception);
         }
 
     }
@@ -122,7 +122,7 @@ final class ECPrivateKey extends PKCS8Key implements java.security.interfaces.EC
             this.ecKey = ECKey.createPrivateKey(provider.getOCKContext(), privateKeyBytes,
                     paramBytes, provider);
         } catch (Exception exception) {
-            throw new InvalidKeyException("Failed to create EC private key", exception);
+            throw new InvalidKeyException("Failed to create EC private key, " + exception.getMessage(), exception);
         }
     }
 
@@ -194,16 +194,20 @@ private byte[] createEncodedPrivateKeyWithParams() throws IOException {
         outEncodedStream.putOctetString(privateKeyBytes);
 
         byte[] encodedParams = this.getAlgorithmId().getEncodedParams();
-        if (inputDerValue.length > 2) {
-            if (!inputDerValue[2].isContextSpecific(TAG_PARAMETERS_ATTRS)) {
-                throw new IOException("Decoding EC private key failed. Third element is not tagged as parameters");
-            }
-            DerInputStream paramDerInputStream = inputDerValue[2].getData();
-            byte[] privateKeyParams = paramDerInputStream.toByteArray();
-            
-            // Check against the existing parameters created by PKCS8Key.
-            if (!Arrays.equals(privateKeyParams, encodedParams)) {
-                throw new IOException("Decoding EC private key failed. The params are not the same as PKCS8Key's");
+        if (inputDerValue.length > 2) { 
+            if (inputDerValue[2].isContextSpecific(TAG_PARAMETERS_ATTRS)) {
+                DerInputStream paramDerInputStream = inputDerValue[2].getData();
+                byte[] privateKeyParams = paramDerInputStream.toByteArray();
+                // Check against the existing parameters created by PKCS8Key.
+                if (!Arrays.equals(privateKeyParams, encodedParams)) {
+                    throw new IOException("Decoding EC private key failed. The params are not the same as PKCS8Key's");
+                }
+            } else if (inputDerValue[2].isContextSpecific(TAG_PUBLIC_KEY_ATTRS)) {
+                ; // Found [1] publicKey (optional) - ignore here
+            } else {
+                // Unknown third+ element: we can throw, or ignore.
+                // Keeping old behavior would be to throw; but RFC allows only [0]/[1] here.
+                throw new IOException("Decoding EC private key failed. Unexpected tagged field in ECPrivateKey");
             }
         }
         // The native library needs the ASN.1 DER decoding of the private key to contain the parameters (i.e., the OID).

src/test/java/ibm/jceplus/junit/base/BaseTestECKeyImport.java

@@ -1,5 +1,5 @@
 /*
- * Copyright IBM Corp. 2023, 2025
+ * Copyright IBM Corp. 2023, 2026
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms provided by IBM in the LICENSE file that accompanied
@@ -24,11 +24,13 @@
 import java.security.spec.PKCS8EncodedKeySpec;
 import java.security.spec.X509EncodedKeySpec;
 import java.util.Arrays;
+import java.util.Base64;
 import java.util.HexFormat;
 import org.junit.jupiter.api.Test;
 import sun.security.pkcs.PKCS8Key;
 import sun.security.x509.X509Key;
 import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
 public class BaseTestECKeyImport extends BaseTestJunit5 {
@@ -82,7 +84,14 @@ public class BaseTestECKeyImport extends BaseTestJunit5 {
                                                  + "9C57C30FAA2DEF09DDDAD4E8748C442325B8EDB94EF7AA9"
                                                  + "78D4A56F0B601448B0DDFA4CC4B0555EAE67354C442A3AC"
                                                  + "E9D04BE186765A1921962FC08D1A58C53A";
-    
+
+    private static final String private_secp256r1_no_parameters = 
+                                                "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgn5K03bpTLjEtFQRa" +
+                                                "JUtx22gtmGEvvSUSQdimhGthdtihRANCAARv72fTmp9ed8dRvTG1Ak1Lgl5KLoiM" +
+                                                "59bk2pyG8qd8l7L1WQnNHtAcu44RJ1/GVHurxghaCKHeJYsZ8H7DEeI6";
+    private static final String private_secp256r1_no_parameters_no_public =
+                                                "MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDlySzNwwln6W+zDiDk" +
+                                                "K7OvyaalUUdkOd6CrThHqenrfg==";
 
     /**
      * Generate a KeyPair using ECGEenParam and then import the key pair
@@ -305,5 +314,18 @@ public void testImportHardcoded() throws Exception {
 
         assertTrue(((X509Key) importPublicKey).getAlgorithmId().toString().contains("secp521r1"), "Curve is not what is expected.");
     }
+
+    @Test
+    public void testECPrivateKeyWithoutParametersPublicKey() throws Exception {
+        KeyFactory kf = KeyFactory.getInstance("EC", getProviderName());
+
+        PKCS8EncodedKeySpec priKeySpecNoParameters = new PKCS8EncodedKeySpec(Base64.getMimeDecoder().decode(private_secp256r1_no_parameters));
+        PrivateKey priKeyNoParameters = kf.generatePrivate(priKeySpecNoParameters);
+        assertNotNull(priKeyNoParameters);
+
+        PKCS8EncodedKeySpec priKeySpecNoParametersNoPublicKey = new PKCS8EncodedKeySpec(Base64.getMimeDecoder().decode(private_secp256r1_no_parameters_no_public));
+        PrivateKey priKeyNoParametersNoPublicKey = kf.generatePrivate(priKeySpecNoParametersNoPublicKey);
+        assertNotNull(priKeyNoParametersNoPublicKey);
+    }
 }