RFR: 8314323: Implement JEP 527: TLS 1.3 Hybrid Key Exchange [v9]
Sean Mullan
mullan at openjdk.org
Mon Dec 1 16:17:37 UTC 2025
On Mon, 24 Nov 2025 07:51:40 GMT, Hai-May Chao <hchao at openjdk.org> wrote:
>> Implement hybrid key exchange support for TLS 1.3 by adding three post-quantum hybrid named groups: X25519MLKEM768, SecP256r1MLKEM768, and SecP384r1MLKEM1024.
>> Please see [JEP 527](https://openjdk.org/jeps/527) for details about this change.
>
> Hai-May Chao has updated the pull request incrementally with three additional commits since the last revision:
>
> - Update names to uppercase
> - Remove fallback in engineGeneratePublic
> - Change default named group list to have only X25519MLKEM768
src/java.base/share/classes/com/sun/crypto/provider/DH.java line 66:
> 64: * KEMs.
> 65: */
> 66: public class DH implements KEMSpi {
This class includes more than a DH KEM wrapper implementation. The provider is registering all the hybrid algorithms, including the ML-KEM parts. It feels odd to be hiding the provider inside this class. I suggest creating a separate `HybridProvider` class that is in `sun.security.ssl` package and either encapsulating the DH impl inside that, or better yet, create a separate class for it.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27614#discussion_r2577735059
More information about the security-dev
mailing list