RFR: 8325448: Hybrid Public Key Encryption [v28]
Weijun Wang
weijun at openjdk.org
Thu Aug 14 17:03:18 UTC 2025
On Thu, 14 Aug 2025 16:50:23 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 402:
>>
>>> 400: ", kdf_id=" + kdf_id +
>>> 401: ", aead_id=" + aead_id +
>>> 402: ", info=" + HexFormat.of().formatHex(info) +
>>
>> Nit: We can try to convert `info` to UTF-8 string first and print it as a hex number only if such conversion fails. Then if we do print it as a hex number we should prepend `0x` to it so it's clear what format it is.
>
> Sounds good. How is this worth doing? I'll need a `CharsetDecoder` with all error input reporting on and then catch the exception.
One known user of HPKE -- [Encrypted ClientHello](https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni-25#name-offering-ech) -- uses `"tls ech" || 0x00 || ECHConfig` and it's binary (at least you see an 0x00 there).
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2277206901
More information about the security-dev
mailing list