RFR: 8297878: KEM: Implementation

Weijun Wang weijun at openjdk.org
Thu Apr 13 17:57:43 UTC 2023 

On Thu, 13 Apr 2023 17:35:00 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

>> `DHKEM.java` is the implementation, and it does not know which provider it will be put into. It's inside the provider that calls `putService` or `put` to add an implementation there, not that the implementation registered itself in a provider.
>> 
>> If `getProvider()` is implemented inside the implementation, then it can only be attached to one provider. Also, do you expect it to return `new SunJCE()`? This means the `p` in `getInstance("DHKEM", p)` will be a different instance from the value returned by `getProvider()`. There is no specification talking about if the instances must be the same or not, but it's probably not a good idea to have 2 objects for the same provider.
>> 
>> In fact, I can create a new provider and simply call `putService` to add existing implementations (that were already provided by other providers) inside it, and I can `getInstance` from this provider and its `getProvider()` returns this provider.
>> 
>> For this reason, the base `Encapsulator` interface cannot be defined inside `KEM`. As I said earlier, it can be defined inside `KEMSpi` and then we add an extra `provider()` method to its implementation in `KEM`. I just don't think this is worth doing.
>
>> `DHKEM.java` is the implementation, and it does not know which provider it will be put into. It's inside the provider that calls `putService` or `put` to add an implementation there, not that the implementation registered itself in a provider.
>> 
> I did not get the idea.  Why DHKEM.java need register itself in a provider?  A DHKEM.java is a part of a provider, and the Provider implementation in the provider knows how to register DHKEM.
> 
>> If `getProvider()` is implemented inside the implementation, then it can only be attached to one provider. Also, do you expect it to return `new SunJCE()`? This means the `p` in `getInstance("DHKEM", p)` will be a different instance from the value returned by `getProvider()`. 
> 
> I did not get the idea.  How could it be possible to return different instances. `getInstance("DHKEM", p)` returns the DHKEM implementation in provider p.  The "DHKEM" string name here is not the DHKEM.java class in SunJCE provider.
> 
> Back to the question you have previously: 
>> If the interface is only in KEM, then it needs a provider() method, but an implementation actually does not know what the provider is.
> 
> Why it is needed to know the provider of the interface?  Do you mean the Encapsulator provider could be different from the KEM provider?  That's, KEM provider is ProviderK, and the Encapsulator provider is ProviderE, and you want them work together?   Does it make sense that it is required that Encapsulator is an internal implementation of the KEM provider (i.e., both from the same provider)?

Currently, `provider()` is a method of `KEM.Encapsulator`. If `KEMSpi. newEncapsulator` also returns this interface, then what value should its `provider()` method return? This is what I meant registering itself to a provider.

When I said different instances, I was asking

var k = KEM.getInstance("DHKEM", p);
var e = k.newEncapsulator(pk);
// now, is p == e.provider()?


Or, are you suggesting we should define `provider()` somewhere else? It's possible, but I have difficulty making every class immutable.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1165858327

More information about the security-dev mailing list