[jdk17u-ri] RFR: 8297878: KEM: Implementation [v4]

Andrew John Hughes andrew at openjdk.org
Fri May 3 20:23:06 UTC 2024 

On Thu, 18 Apr 2024 18:09:35 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> This is the KEM API backport to Java SE 17 MR 1.
>> 
>> The `src` files are identical to those in the current `jdk` repo except for the change made to `KEM.java` at https://github.com/openjdk/jdk/commit/59c2aff1edffb66762bbbe5e310913f87953be5b#diff-7bee547996d0de5692181a509bdf509276c7eb9351722580fd6aee7975745e67.
>> 
>> _Update: There are javadoc changes to all the `src` files in following commits._
>> 
>> The `RSA_KEM` code is modified because `DerOutputStream` lacks several methods in JDK 17.
>> 
>> `Proc` is updated like in JDK 21 to support for some internal interop testing. The test files for `Proc` are also backported.
>> 
>> This change does not contain the DHKEM implementation in the original JDK 21 change.
>> 
>> This change also covers JDK-8322971 which fixed a follow-on P3 bug of the initial KEM work.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
> 
>   update tags of inner types

> 8322971



> @gnu-andrew I backported the 3 issues in a single PR because [JDK-8305846](https://bugs.openjdk.org/browse/JDK-8305846) was originally created to support the RSA-KEM interop test. I understand the change for it looks a little strange without any usage of it here. I hope grouping them together will make further backport - if exists - simpler.
> 

We usually try and avoid it for more complex patches. It makes it easier for the person backporting, but harder for reviewers who have to pick it apart again.

> For the year of `Provider.java`, I just updated it to _now_.

Ok, we usually avoid this as it creates differences from the original commit which may then break further backports.

> 
> Yes, `getKemImpl` exists because after JDK-8322971 one cannot load a KEM impl from an unsigned security provider in Oracle JDK. This is a little different from OpenJDK.

Ah, ok, so it's  necessary after 8322971.

-------------

PR Comment: https://git.openjdk.org/jdk17u-ri/pull/1#issuecomment-2093708258

More information about the jdk-updates-dev mailing list