RFR: JDK-8166596: TLS support for the EdDSA signature algorithm [v3]
Jamil Nimeh
jnimeh at openjdk.java.net
Wed Dec 2 16:38:00 UTC 2020
On Wed, 2 Dec 2020 15:33:20 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:
>> SunEC's algorithm name for keys are always "EdDSA", but I know BC returns "Ed25519" or "Ed448".
>
> Filed and took ownership of JDK-8257607 to address BC JCE provider issues for both XDH and EdDSA when used with SunJSSE.
Also, specific to this particular algorithm the signature type can be EdDSA for both BC and SunJCE, regardless of if the key type is EdDSA (SunJCE) or Ed25519 or Ed448 (BC). Creating a signature with algorithm EdDSA and the use of the key from either provider will perform a signature of the proper kind.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1197
More information about the security-dev
mailing list