RFR: 8325448: Hybrid Public Key Encryption [v32]

Sean Mullan mullan at openjdk.org
Fri Aug 22 18:51:02 UTC 2025 

On Fri, 15 Aug 2025 21:05:04 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
>> 
>> ![HPKEParameterSpec06-27-3](https://github.com/user-attachments/assets/a17e7ea2-86dd-4e2d-9506-210e97ff8ae8)
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
> 
>   cleaner comments

src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 125:

> 123:  * security guarantees.
> 124:  * <p>
> 125:  * Example:

I recommend adding a bit more details explaining the example, since there are 2 sides involved, ex: "This example shows a sender and a receiver using HPKE to encrypt ..."

src/java.base/share/classes/javax/crypto/spec/snippet-files/PackageSnippets.java line 41:

> 39: 
> 40:         // The HPKE sender cipher is initialized with the recipient's public
> 41:         // key and HPKEParameterSpec using specified algorithm identifiers

s/and/and an/

src/java.base/share/classes/javax/crypto/spec/snippet-files/PackageSnippets.java line 55:

> 53:         byte[] kemEncap = senderCipher.getIV();
> 54: 
> 55:         // The HPKE recipient side is initialized with its own private key,

s/side/cipher/ (to be consistent with sender comment)

src/java.base/share/classes/javax/crypto/spec/snippet-files/PackageSnippets.java line 56:

> 54: 
> 55:         // The HPKE recipient side is initialized with its own private key,
> 56:         // HPKEParameterSpec using the same algorithm identifiers as used by

s/HPKEParameterSpec/an HPKEParameterSpec/

src/java.base/share/classes/sun/security/util/SliceableSecretKey.java line 31:

> 29: /**
> 30:  * An interface for <code>SecretKey</code>s that support using its slice as a new
> 31:  * <code>SecretKey</code>

Nit: missing period.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2294432761
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2294318307
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2294323151
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2294325100
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2294282453

More information about the security-dev mailing list