RFR: 8297878: KEM: Implementation

Weijun Wang weijun at openjdk.org
Thu Apr 13 17:12:43 UTC 2023


On Thu, 13 Apr 2023 02:51:28 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

>> If the interface is only in `KEM`, then it needs a `provider()` method, but an implementation actually does not know what the provider is. An implementation can be registered in any (or even multiple) providers.
>
>> If the interface is only in `KEM`, then it needs a `provider()` method, but an implementation actually does not know what the provider is.
> 
> With "implementation", do you mean the javax/crypto/KEPSpi.java or src/java.base/share/classes/com/sun/crypto/provider/DHKEM.java?
> 
> If it refers to KEPSpi.java, why does KEPSpi.java need to know what the provider is? Is it sufficient to use engineNewEncapsulator() to get the provider implementation?
> 
> If it refers to DHKEM.java, I did not get the idea why the provider is unknown.
> 
>> An implementation can be registered in any (or even multiple) providers.
> 
> I did not get the idea. Why is it not registered in SunJCE?
> 
> I think you may have evaluated the following idea, but I'm not sure why it does not work. I may have missed something. Would you mind explaining in more detail?
> 
> 
> public final class KEM {
>     interface Encapsulator {
>         ...
>         KEM.Encapsulated encapsulate(...);
>         ...
>     }
> 
>     public static KEM getInstance(String algorithm) {
>         ...
>     }
> 
>     // Search for the registered providers, return the 1st non-null provider.newEncapsulator() or throw exception.
>     public Encapsulator newEncapsulator(PublicKey pk,
>             AlgorithmParameterSpec spec, SecureRandom secureRandom) {
>         ...
>     }
> }
> 
> public interface KEMSpi {
>     // A provider implementation will implement the KEM.Encapsulator 
>     // interface internally.  If a provider does not support the parameters,
>     // null or nil object will be returned.
>     public KEM.Encapsulator newEncapsulator(PublicKey pk,
>             AlgorithmParameterSpec spec, SecureRandom secureRandom);
> }       
> 
> Use case:
>     KEM.getInstance(DHKEM).newEncapsulator(...);

`DHKEM.java` is the implementation, and it does not know which provider it will be put into. It's the provider that calls `putService` or `put` to add an implementation there, not the implementation that registers itself in a provider.

If `getProvider()` is implemented inside the implementation, then it can only be attached to one provider. Also, do you expect it to return `new SunJCE()`? This means the `p` in `getInstance("DHKEM", p)` will be a different instance from the value returned by `getProvider()`. There is no specification talking about if the instances must be the same or not, but it's probably not a good idea to have 2 objects for the same provider.

In fact, I can create a new provider and simply call `putService` to add existing implementations (that were already provided by other providers) inside it, and I can `getInstance` from this provider and its `getProvider()` returns this provider.

For this reason, the base `Encapsulator` interface cannot be defined inside `KEM`. As I said earlier, it can be defined inside `KEMSpi` and then we add an extra `provider()` method to its implementation in `KEM`. I just don't think this is worth doing.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1165815968
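
The registration behaviour described in the reply above, as an added example that is not part of the original message or of the JDK sources. It uses `MessageDigest` and the SUN provider's SHA-256 class as a stand-in for `KEM` and `DHKEM`, and assumes an OpenJDK runtime; `BorrowingProvider`, `DemoOne` and `DemoTwo` are hypothetical names.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.Provider;
import java.security.Security;
import java.util.Arrays;

public class SharedImplDemo {
    // Hypothetical provider that re-registers an implementation class it does not own.
    static final class BorrowingProvider extends Provider {
        BorrowingProvider(String name, Provider.Service existing) {
            super(name, "1.0", "constructed provider reusing " + existing.getClassName());
            // The provider attaches the implementation; the implementation class is
            // never told which provider (or how many providers) it was added to.
            putService(new Provider.Service(this, existing.getType(),
                    existing.getAlgorithm(), existing.getClassName(), null, null));
        }
    }

    public static void main(String[] args) throws Exception {
        Provider sun = Security.getProvider("SUN");
        Provider.Service sha256 = sun.getService("MessageDigest", "SHA-256");

        Provider p1 = new BorrowingProvider("DemoOne", sha256);
        Provider p2 = new BorrowingProvider("DemoTwo", sha256);

        MessageDigest d0 = MessageDigest.getInstance("SHA-256", sun);
        MessageDigest d1 = MessageDigest.getInstance("SHA-256", p1);
        MessageDigest d2 = MessageDigest.getInstance("SHA-256", p2);

        // One implementation class is registered under three providers.
        System.out.println("same impl class: "
                + p1.getService("MessageDigest", "SHA-256").getClassName()
                        .equals(sha256.getClassName()));

        // getProvider() returns the exact Provider object passed to getInstance,
        // not an object the implementation created for itself.
        System.out.println("d0 -> " + d0.getProvider().getName()
                + ", same instance: " + (d0.getProvider() == sun));
        System.out.println("d1 -> " + d1.getProvider().getName()
                + ", same instance: " + (d1.getProvider() == p1));
        System.out.println("d2 -> " + d2.getProvider().getName()
                + ", same instance: " + (d2.getProvider() == p2));

        // Constructed sample input: all three objects run the same code.
        byte[] msg = "constructed sample".getBytes(StandardCharsets.UTF_8);
        System.out.println("digests equal: " + (Arrays.equals(d0.digest(msg), d1.digest(msg))
                && Arrays.equals(d1.digest(msg), d2.digest(msg))));
    }
}
```

Because `getProvider()` reports who registered the service rather than who wrote the class, a provider-name check on its own does not identify the code that will run.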


