[RFR] 8166597: Crypto support for the EdDSA Signature Algorithm (JEP 339)
Anthony Scarpino
anthony.scarpino at oracle.com
Tue Mar 31 02:50:23 UTC 2020
On 3/30/20 11:52 AM, Anthony Scarpino wrote:
>
> On 3/30/20 6:21 AM, Weijun Wang wrote:
>> I was playing with keytool with your patch and noticed
>> sun.security.util.KeyUtil.getKeySize(Key) does not support an
>> EdECKey. While we use curve name instead of key size in EC to
>> describe the parameters, the size is still useful in determining the
>> strength.
>
> I think I should be able to access the parameter with the key's
> NamedParameterSpec to return the size.
I was wrong about this. The parameters are part of jdk.crypto.ec while
KeyUtil is part of java.base, so I cannot access the internal
EdDSAParameters class.
The easiest way would be to look at the NamedParameterSpec and return a
hardcoded length based on the curve used. It's not ideal, but all these
curves don't change lengths unlike for RSA, AES, etc.
Tony
>
>>
>> There is also a KeyUtil.getKeySize(AlgorithmParameters) nearby. I'm
>> not involved with previous discussions on EdDSA design, but why does
>> EdDSASignature.engineGetParameters() throw an UOE?
>
> Because the public API for engineGetParameter(String param) is
> deprecated would be my suspicion.
>
>> Another small problem:
>>
>> You reverted the copyright year from 2020 to an earlier year in
>> module-info.java, keytool/Main.java.
>
> The copyright has not been reverted, the jdk repo was updated to 2020
> from another changeset.
>
>>
>> Thanks, Max
>>
>>> On Mar 24, 2020, at 2:53 AM, Anthony Scarpino
>>> <anthony.scarpino at oracle.com> wrote:
>>>
>>> On 2/25/20 12:49 PM, Anthony Scarpino wrote:
>>>> Hi I need a code review for the EdDSA support in JEP 339. The
>>>> code builds on the existing java implemented constant time
>>>> classes used for XDH and the NIST curves. The change also adds
>>>> classes to the public API to support EdDSA operations. All
>>>> information about the JEP is located at: JEP 339:
>>>> https://bugs.openjdk.java.net/browse/JDK-8199231 CSR:
>>>> https://bugs.openjdk.java.net/browse/JDK-8190219 webrev:
>>>> https://cr.openjdk.java.net/~ascarpino/8166597/webrev/ thanks Tony
>>>
>>>
>>> I updated the webrev with some minor updates that were commented
>>> previously.
>>>
>>> https://cr.openjdk.java.net/~ascarpino/8166597/webrev.01/
>>>
>>> Tony
>>
>
More information about the security-dev
mailing list