Correction: Re: RFC8410 (in)compatibility

Weijun Wang WEIJUN.WANG at ORACLE.COM
Sat Aug 29 16:03:10 UTC 2020 

In JDK 15, a Signature.getInstance("Ed25519”) would also reject a key generated from KeyPairGenerator.getInstance("X25519”). It accepts a key from KeyPairGenerator.getInstance("Ed25519”).

Thanks,
Max

> On Aug 29, 2020, at 10:14 AM, Anders Rundgren <anders.rundgren.net at gmail.com> wrote:
> 
> The RFC8410 author claims that the public key featured in the "self-issued" certificate is NOT related to the signature key.
> The answer to my question is thus (?) that "Signature" should (as BC does) reject X25519 keys.
> 
> All is good :-)
> 
> Anders
> 
> On 2020-08-28 16:07, Anders Rundgren wrote:
>> On 2020-08-28 15:58, Weijun Wang wrote:
>>> Is “Ed25519” what you need? It’s not available in JDK 11. See https://bugs.openjdk.java.net/browse/JDK-8199231.
>> I know, that's why I wrote that I currently use BC (BouncyCastle).
>> My question is thus applicable to JDK 15.  BC apparently rejects X25519 signature keys.  Probably for a reason.
>> Regards,
>> Anders
>>> 
>>> —Max
>>> 
>>>> On Aug 28, 2020, at 9:55 AM, Anders Rundgren <anders.rundgren.net at gmail.com> wrote:
>>>> 
>>>> On 2020-08-28 15:41, Weijun Wang wrote:
>>>>> What version of java are you using and what’s your command to generate the key pair?
>>>> 
>>>> Hi Max,
>>>> 
>>>> While waiting for JDK 15, I'm currently using JDK11 and BC but the question is really about the Signature object specification.
>>>> 
>>>>   KeyPairGenerator kpg = KeyPairGenerator.getInstance("X25519")
>>>>   KeyPair kp = kpg.generateKeyPair();
>>>> 
>>>> A self-signed X25519 certificate would require that a X25519 key is useful as a signature key.
>>>> 
>>>> Note: I'm not proposing such a feature, I'm just trying to understand :)
>>>> 
>>>> Regards,
>>>> Anders
>>>>> Thanks,
>>>>> Max
>>>>>> On Aug 28, 2020, at 7:03 AM, Anders Rundgren <anders.rundgren.net at gmail.com> wrote:
>>>>>> 
>>>>>> Hi Crypto Experts,
>>>>>> 
>>>>>> Please pardon my ignorance regarding curve25519, but I ran into problems [*] trying to recreate the sample certificate:
>>>>>> https://urldefense.com/v3/__https://tools.ietf.org/html/rfc8410*section-10.2__;Iw!!GqivPVa7Brio!OMTnVBdbrt8MuV8YwHsti8iuWLk2QE3C6FGAQeBoMJj9pIBQiRO6cbcSLzY8F_90TQ$
>>>>>> It seems that the certificate is signed with a key intended for ECDH.
>>>>>> Question: is Java's "Signature" object supposed to accept X25519 keys?
>>>>>> 
>>>>>> Personally I don't see any use of a self-signed encryption certificate so maybe this is just a bad example...kind of edge case.
>>>>>> 
>>>>>> Regards,
>>>>>> Anders Rundgren
>>>>>> 
>>>>>> *] java.security.InvalidKeyException: cannot identify EdDSA private key
>>>> 
>>> 
>

More information about the security-dev mailing list