RFR: 8325448: Hybrid Public Key Encryption [v15]

Weijun Wang weijun at openjdk.org
Mon Apr 21 14:46:58 UTC 2025 

On Mon, 14 Apr 2025 17:25:41 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   toString, exportData, spec in HPKEParameters must have algorithm identifiers specified
>
> src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 78:
> 
>> 76:  * {@link #info(byte[])} method by both sides.
>> 77:  * <li>
>> 78:  * If HPKE modes {@code mode_auth} or {@code mode_auth_psk} are used,
> 
> This could be reworded as: "To use the HPKE modes {@code mode_auth} ..."

OK.

> src/java.base/share/classes/javax/crypto/spec/snippet-files/PackageSnippets.java line 35:
> 
>> 33:     public static void main(String[] args) throws Exception {
>> 34:         // @start region="hpke-spec-example"
>> 35:         // Key pair generation
> 
> Comment should note this is the recipient's key pair.

OK.

> src/java.base/share/classes/javax/crypto/spec/snippet-files/PackageSnippets.java line 46:
> 
>> 44:         sender.init(Cipher.ENCRYPT_MODE, kp.getPublic(), ps);
>> 45: 
>> 46:         // Retrieve the actual parameters used from the sender.
> 
> I think it would be more clear if you didn't name the cipher objects `sender` and `recipient` because there can be confusion as to whether you mean the cipher objects or the sender/receiver entities.

I'll named them `senderCipher` and `recipientCipher`.

> src/java.base/share/classes/javax/crypto/spec/snippet-files/PackageSnippets.java line 64:
> 
>> 62:         recipient.init(Cipher.DECRYPT_MODE, kp.getPrivate(), pr);
>> 63: 
>> 64:         // Secure communication between the 2 sides
> 
> There is no secure communication in the code below. I would remove/change this comment.

I'll change it to "Encryption and decryption".

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2052498558
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2052500301
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2052511538
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2052504826

More information about the security-dev mailing list