Conceptual feedback on new ECC JEP

Michael StJohns mstjohns at comcast.net
Tue Sep 18 20:24:12 UTC 2018 

On 9/18/2018 4:01 PM, Adam Petcher wrote:
> On 9/11/2018 11:07 AM, Adam Petcher wrote:
>
>>
>> I still haven't been convinced that this lack of interoperability is 
>> a significant problem. In the proposed design, the new KeyFactory 
>> will not support ECPrivateKeySpec, and the implementation will 
>> produce private keys that inherit from PrivateKey, but not 
>> ECPrivateKey. Specifically, what problems in JCE are introduced by 
>> this design? How are these interoperability issues different from the 
>> ones you encounter with a PKCS11 provider that doesn't export private 
>> keys? If the developer wants more interoperability, why not use 
>> SunEC? If we decide that we want the new implementation to have 
>> better interoperability in the future, does something prevent us from 
>> enhancing it? These questions are for anyone who can help me 
>> understand the objections that have been raised related to 
>> interoperability.
>
> A week has passed since I asked these questions to the mailing list, 
> and I haven't gotten any answers. Without additional information, I'm 
> not motivated to change the interoperability goals in the draft JEP.


Adam -

Basically, the JCE is all about plugging in not about the 
implementations.  If this is truly an EC library, I should be able to 
get the benefit of your library with very minimal changes - e.g. 
specifying your provider in the various getInstance() calls.   As it 
stands, I doubt this will end up in anyone's "must use" category because 
it will break existing code.

You want folks to convince you that interoperability is a significant 
problem when what we (or at least I) want is for you to convince us that 
these interop breaks are warranted due to how wonderful your approach is 
and that they're absolutely necessary due the secret sauce of 
wonderfulness.  You're not there yet.

As for PKCS11 - there are exportable and non-exportable private keys 
(e.g. PKCS11 with an accelerator vs an HSM for example).  The exportable 
ones show up as ECPrivateKeys, the non-exportable ones as PrivateKeys 
(and I think with an underlying type of PKCS11Key...).  So it follows 
the model for exportable keys.  And every PKCS11 provider I've used at 
least has a way of IMPORTING ECPrivateKeys.

Later, Mike

More information about the security-dev mailing list