RFR: 8325448: Hybrid Public Key Encryption [v15]
Sean Mullan
mullan at openjdk.org
Mon Apr 14 19:40:45 UTC 2025
On Fri, 11 Apr 2025 20:41:13 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
>> 
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> toString, exportData, spec in HPKEParameters must have algorithm identifiers specified
src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 136:
> 134: * {@snippet lang=java class="PackageSnippets" region="hpke-spec-example"}
> 135: *
> 136: * @implNote
Making this implementation specific means that other providers could in theory choose different defaults, which reduces compatibility but an application could never be sure, or even know if this is for algorithms in RFC 9180. These are probably the most reasonable defaults for RFC 9180 compliant implementations. Did you consider making these defaults a requirement of HPKE implementations? I also wonder if "HPKE" is too general. If there is ever a new HPKE spec with say a new KEM or KDF algorithm for EC/XDH keys, would it be called "HPKE2"?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2042820511
More information about the security-dev
mailing list