RFR 8171279: Support X25519 and X448 in TLS 1.3
Adam Petcher
adam.petcher at oracle.com
Thu Sep 6 19:13:05 UTC 2018
On 9/6/2018 1:55 PM, Xuelei Fan wrote:
>> Yes, the key sizes are fixed. All we need in ECUtil is a mapping from
>> curve name to this (fixed) size. Are you suggesting some other
>> solution, other than using the XECParameters to map curve names to
>> key sizes?
> Using name only (NamedParameterSpec?) and have the JCE provider handle
> it, then you don't need to move XECParameters into java.base module.
>
Do you have a specific suggestion on how I can do that? I don't think
there is anything in the JCE API for XDH that allows a lookup from name
to key length. Are you proposing that I enhance the public API to avoid
using XECParameters here?
Also, why do you object to having XECParameters in java.base? Most of
the crypto code is in java.base, including similar classes like
ECParameters and CurveDB. I admit that it is unfortunate that
XECParameters is used directly here, instead of going over JCE---is that
what you object to?
More information about the security-dev
mailing list