RFR: 8340327: A common framework to support public key algorithms with standard parameter sets [v10]

Valerie Peng valeriep at openjdk.org
Tue Oct 8 01:19:59 UTC 2024


On Mon, 7 Oct 2024 18:54:03 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> To prepare for new PQC algorithms like ML-KEM and ML-DSA where there are only named standardized parameter sets, a common framework is introduced.
>> 
>> A example of EdDSA implementation using this framework is included as a test.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
> 
>   null check as asserts, and better exception messages

src/java.base/share/classes/sun/security/pkcs/NamedPKCS8Key.java line 56:

> 54: public final class NamedPKCS8Key extends PKCS8Key {
> 55:     @Serial
> 56:     private static final long serialVersionUID = 1L;

Well, I didn't find similar serialization handling in this class as in `PKCS8Key`. Do we expect (de-)serialization to work or not?

src/java.base/share/classes/sun/security/pkcs/NamedPKCS8Key.java line 81:

> 79:         } finally {
> 80:             val.clear();
> 81:         }

The `this.key` is from the `PKCS8Key` class, right? However, looking at the impl of the `PKCS8Key` class, it looks to me that `key` should be equivalent to the `rawBytes` here instead of a DER bytes with OctetString tag.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/21167#discussion_r1791055486
PR Review Comment: https://git.openjdk.org/jdk/pull/21167#discussion_r1791054269


More information about the security-dev mailing list