7007966: Add Brainpool ECC support (RFC 5639)

Samuel Lidén Borell samuel at primekey.se
Thu Dec 23 15:23:59 PST 2010


On Thu, 23 Dec 2010 16:29:02 -0500
Michael StJohns <mstjohns at comcast.net> wrote:

> [...] As I recall,  sun/security/ec/NamedCurve and sun/security/ec/SunECEntries need to be modified to add the name to OID mappings so that external libs can support those curves as providers - that also covers PKCS11 mostly.  Changes are about a line each in those two files, but you'll have to use something like BouncyCastle to actually implement the curve.
> 

This is actually what my patch does. Should I proceed and submit it to the OpenJDK bug tracker?

Regards,
Samuel Lidén Borell


> 
> At 03:27 AM 12/23/2010, Samuel Lidén Borell wrote:
> >Hi,
> >
> >I've never worked with transport security so it's not really my area, and I don't know of any efforts to get Brainpool registered with IANA.
> >
> >Regards,
> >Samuel Lidén Borell
> >
> >
> >
> >On Wed, 22 Dec 2010 22:08:39 +0800
> >Xuelei Fan <xuelei.fan at Oracle.com> wrote:
> >
> >> Hi,
> >> 
> >> To use those EC curves in TLS, IANA need to register these curves[*]. Do
> >> you know any effort to use these curves in TLS?
> >> 
> >> Thanks,
> >> Xuelei
> >> 
> >> [*]
> >> http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
> >> 
> >> On 12/22/2010 9:38 PM, Samuel Lidén Borell wrote:
> >> > Hi,
> >> > 
> >> > Would it be possible to support Brainpool ECC [1] in OpenJDK (as named curves)? The Brainpool curves are used in European ePassport deployments, for example.
> >> > 
> >> > I've submitted a RFE [2] and started working on a patch [3].
> >> > 
> >> > [1] http://tools.ietf.org/html/rfc5639
> >> > [2] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7007966
> >> > [3] https://gist.github.com/740601
> >> > 
> >> > Regards,
> >> > Samuel Lidén Borell
> 




More information about the security-dev mailing list