RFR: 8199697: FIPS 186-4 RSA Key Generation [v2]
Valerie Peng
valeriep at openjdk.java.net
Wed Oct 21 00:23:18 UTC 2020
On Tue, 13 Oct 2020 05:23:01 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> Valerie Peng has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev
>> excludes the unrelated changes brought in by the merge/rebase. The pull request contains two additional commits since
>> the last revision:
>> - Merge branch 'master' into JDK-8199697
>> - 8199697: FIPS 186-4 RSA Key Generation
>>
>> Changed RSA key pair generation code following the guidelines from FIPS 186-4.
>
> test/jdk/sun/security/rsa/SpecTest.java line 33:
>
>> 31: * @run main SpecTest 768
>> 32: * @run main SpecTest 1024
>> 33: * @run main SpecTest 1024 65537
>
> 65537 is the default public exponent (see the main() method). So, the two test case is the same:
> * @run main SpecTest 1024
> * @run main SpecTest 1024 65537
>
> Maybe, we can keep the test case for F0, and add a new public exponent number like 167971.
I want to stop using F0 since it's no longer deemed valid for FIPS 186-4. For backward compatibility, we don't reject
F0, but perhaps we should stop using it so people will start shifting to use F4. I can replace 3 with 167971.
-------------
PR: https://git.openjdk.java.net/jdk/pull/420
More information about the security-dev
mailing list