RFR 8213400: Support choosing curve name in keytool keypair generation

Adam Petcher adam.petcher at oracle.com
Thu Nov 8 16:28:03 UTC 2018


On 11/8/2018 8:10 AM, Weijun Wang wrote:

> - CurveDB.java:
>
> -        add("sect163r2 [NIST B-163]", "1.3.132.0.15", BD,
> +        add("sect163r2 [NIST B-163]", "1.3.132.0.15", B,
>
> All other NIST B-*** curves do not have BD. This should have been a typo.

I think this will change the default 163-bit curve from sect163r2 to 
sect163k1. We shouldn't change these defaults without a compelling reason.

>
> - NamedCurve.java:
>
> A new field commonNames added, which is used by the new GroupName.java test.

I don't see why this is necessary. The test is using this list of common 
names to make sure the correct named curve is used. Why not just check 
the value returned by NamedCurve.getName() against the expected 
(canonical) name of the curve? Or check the OID?





More information about the security-dev mailing list