JCA design for RFC 7748
Anders Rundgren
anders.rundgren.net at gmail.com
Tue Aug 8 06:31:10 UTC 2017
On 2017-08-07 23:52, Michael StJohns wrote:
> On 8/7/2017 4:37 PM, Adam Petcher wrote:
>> These two assumptions greatly simplify the API. We won't need classes
>> that mirror ECParameterSpec, EllipticCurve, ECPoint, ECField,
>> ECPublicKey, etc. for X25519/X448.
>
> That assumption holds only if your various other assumptions hold. My
> opinion is that they probably don't. (BTW - I'm pretty sure, given that
> every single asymmetric JCA crypto api takes a PublicKey or PrivateKey
> you're going to need to mirror those classes at least; you'll also need
> a ParameterSpec and a GenParameterSpec class with whatever underlying
> supporting classes are required to deal with KeyFactory's)
+1
There are virtually tons of third-party encryption libraries out there using a PublicKey
as input argument but internally do things differently depending on if it is an
RSAKey or ECKey. This is also needed for JSON (JWK) serialization.
Anders
https://github.com/cyberphone/java-cfrg-spec
More information about the security-dev
mailing list