RFR: 8350134: Support DHKEM with PKCS11 [v2]
Weijun Wang
weijun at openjdk.org
Fri Apr 4 18:40:39 UTC 2025
> This code change adds support for getting public key from an EC private key in PKCS #11. This is is necessary to support DHKEM for keys in SunPKCS11. The support is still not complete and there is no way to get the public key if the private key is unwrapped from an encrypted form. PKCS #11 3.0 defined CKA_PUBLIC_KEY_INFO but I haven't yet found a library supporting it.
Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
- Merge branch 'master' into 8350134
- add key slicing support
- the code change
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/23651/files
- new: https://git.openjdk.org/jdk/pull/23651/files/60f76169..7fd44849
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=23651&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=23651&range=00-01
Stats: 170874 lines in 3876 files changed: 72340 ins; 75725 del; 22809 mod
Patch: https://git.openjdk.org/jdk/pull/23651.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/23651/head:pull/23651
PR: https://git.openjdk.org/jdk/pull/23651
More information about the security-dev
mailing list