RFR: 8314323: Implement JEP 527: TLS 1.3 Hybrid Key Exchange [v9]
Sean Mullan
mullan at openjdk.org
Mon Dec 1 20:49:56 UTC 2025
On Wed, 26 Nov 2025 18:03:33 GMT, Bradford Wetmore <wetmore at openjdk.org> wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/DH.java line 86:
>>
>>> 84: "right", "X25519");
>>> 85: putService(new HybridService(this, "KeyPairGenerator",
>>> 86: "X25519MLKEM768", "sun.security.util.Hybrid$KeyPairGeneratorImpl",
>>
>> Is there a reason why `Hybrid` is in `sun.security.util` instead of `com.sun.crypto.provider`? This is the only place it's used, so `c.s.c.p` seems to be a more natural place for it, but maybe I'm just not far enough into the guts of the code yet.
>
> Did you place it here because Key Pairs generally live in `s.s.*`?
I would put `Hybrid` in `sun.security.ssl`. If at some point in the future, it becomes more generally valuable outside of JSSE, we can restructure/move it.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27614#discussion_r2577990699
More information about the security-dev
mailing list