RFR: 8297878: KEM: Implementation
Xue-Lei Andrew Fan
xuelei at openjdk.org
Thu Apr 13 17:37:36 UTC 2023
On Thu, 13 Apr 2023 17:10:01 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> `DHKEM.java` is the implementation, and it does not know which provider it will be put into. It's inside the provider that calls `putService` or `put` to add an implementation there, not that the implementation registered itself in a provider.
>
I did not get the idea. Why DHKEM.java need register itself in a provider? A DHKEM.java is a part of a provider, and the Provider implementation in the provider knows how to register DHKEM.
> If `getProvider()` is implemented inside the implementation, then it can only be attached to one provider. Also, do you expect it to return `new SunJCE()`? This means the `p` in `getInstance("DHKEM", p)` will be a different instance from the value returned by `getProvider()`.
I did not get the idea. How could it be possible to return different instances. `getInstance("DHKEM", p)` returns the DHKEM implementation in provider p. The "DHKEM" string name here is not the DHKEM.java class in SunJCE provider.
Back to the question you have previously:
> If the interface is only in KEM, then it needs a provider() method, but an implementation actually does not know what the provider is.
Why it is needed to know the provider of the interface? Do you mean the Encapsulator provider could be different from the KEM provider? That's, KEM provider is ProviderK, and the Encapsulator provider is ProviderE, and you want them work together? Does it make sense that it is required that Encapsulator is an internal implementation of the KEM provider (i.e., both from the same provider)?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1165838768
More information about the security-dev
mailing list