Feedback on EdDSA API

Adam Petcher adam.petcher at oracle.com
Wed Jun 27 16:56:10 UTC 2018


I'm looking for some initial feedback on the proposed JCA API for 
EdDSA[2], which I have documented in a draft CSR ticket[1]. Any 
comments, concerns, suggestions, etc. are appreciated.

To summarize, the API for EdDSA looks a lot like the API for 
X25519/X448. Like X25519/X448, it does not allow the selection of 
arbitrary curve parameters, though the API is flexible enough that it 
could be extended to allow more flexibility in the future (or 
immediately using provider-specific classes), if necessary.

The EdDSA API is a little bit more complicated than X25519/X448, because 
public keys are points that cannot be expressed with a single 
coordinate, and because the signature scheme takes additional 
information related to the mode (pure, prehash, context). So we need a 
couple more classes to handle these complications, but otherwise the API 
is essentially the same as X25519/X448.

[1] https://bugs.openjdk.java.net/browse/JDK-8190219
[2] https://tools.ietf.org/html/rfc8032
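
The two complications the message describes (public keys as points, and the mode information of prehash and context), as an added example that is not part of the original post or the draft CSR. It assumes the classes as they later shipped in JDK 15 under JEP 339, which may differ from the draft under discussion; the message and context strings are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.EdECPublicKey;
import java.security.spec.*;

public class EdDsaApiDemo {
    // Build a Signature for an explicit mode: prehash=false with no context is pure EdDSA.
    static Signature forMode(boolean prehash, byte[] context) throws GeneralSecurityException {
        Signature sig = Signature.getInstance("Ed25519");
        sig.setParameter(context == null ? new EdDSAParameterSpec(prehash)
                                         : new EdDSAParameterSpec(prehash, context));
        return sig;
    }

    static boolean verify(PublicKey pub, byte[] msg, byte[] sigBytes,
                          boolean prehash, byte[] context) throws GeneralSecurityException {
        Signature v = forMode(prehash, context);
        v.initVerify(pub);
        v.update(msg);
        return v.verify(sigBytes);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPair kp = KeyPairGenerator.getInstance("Ed25519").generateKeyPair();

        // A public key is a point: the y coordinate plus one bit for the parity of x.
        EdECPoint point = ((EdECPublicKey) kp.getPublic()).getPoint();
        EdECPublicKeySpec spec = new EdECPublicKeySpec(new NamedParameterSpec("Ed25519"),
                new EdECPoint(point.isXOdd(), point.getY()));
        PublicKey rebuilt = KeyFactory.getInstance("EdDSA").generatePublic(spec);

        // Constructed sample inputs (assumptions, not values from the post).
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        byte[] ctxA = "example-protocol-v1".getBytes(StandardCharsets.UTF_8);
        byte[] ctxB = "example-protocol-v2".getBytes(StandardCharsets.UTF_8);

        // Sign in context mode (no prehash) under ctxA.
        Signature signer = forMode(false, ctxA);
        signer.initSign(kp.getPrivate());
        signer.update(msg);
        byte[] sigBytes = signer.sign();

        // The signature is bound to its mode: only the matching context verifies.
        System.out.println("same context:  " + verify(rebuilt, msg, sigBytes, false, ctxA));
        System.out.println("other context: " + verify(rebuilt, msg, sigBytes, false, ctxB));
        System.out.println("pure mode:     " + verify(rebuilt, msg, sigBytes, false, null));
    }
}
```

Only the first check prints `true`, so a verifier has to be configured with the same mode and context the signer used.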




More information about the security-dev mailing list