RFR: 8340327: A common framework to support public key algorithms with standard parameter sets [v6]
Sean Mullan
mullan at openjdk.org
Fri Oct 4 13:12:41 UTC 2024
On Thu, 3 Oct 2024 17:40:22 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> To prepare for new PQC algorithms like ML-KEM and ML-DSA where there are only named standardized parameter sets, a common framework is introduced.
>>
>> A example of EdDSA implementation using this framework is included as a test.
>
> Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains six additional commits since the last revision:
>
> - Merge branch 'master' into 8340327
> - more test, more RAW support, fix a bug on cleaning up getRawBytes output
> - add support for private class RawKeySpec
> - ensure key is intact after being used
> - renames
> - the fix
src/java.base/share/classes/sun/security/provider/NamedKeyPairGenerator.java line 81:
> 79: private final String[] pnames; // allowed parameter set name (at least one)
> 80:
> 81: protected String name = null; // init as
Nit, don't need to set it to null.
src/java.base/share/classes/sun/security/provider/NamedKeyPairGenerator.java line 117:
> 115: "Unknown AlgorithmParameterSpec: " + params);
> 116: }
> 117: this.secureRandom = random ;
Nit, extra space before ;
src/java.base/share/classes/sun/security/provider/NamedKeyPairGenerator.java line 123:
> 121: public void initialize(int keysize, SecureRandom random) {
> 122: if (keysize != -1) {
> 123: // Bonus: a chance to provide a SecureRandom without
Is this a TODO because I don't see the code that does this? I would avoid the word "Bonus" here.
src/java.base/share/classes/sun/security/provider/NamedKeyPairGenerator.java line 144:
> 142: /// @return public key and private key (in this order) in raw bytes
> 143: /// @throws ProviderException if there is an internal error
> 144: public abstract byte[][] implGenerateKeyPair(String pname, SecureRandom sr);
Should be protected?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21167#discussion_r1787683989
PR Review Comment: https://git.openjdk.org/jdk/pull/21167#discussion_r1787692380
PR Review Comment: https://git.openjdk.org/jdk/pull/21167#discussion_r1787689743
PR Review Comment: https://git.openjdk.org/jdk/pull/21167#discussion_r1787694991
More information about the security-dev
mailing list