RFR: 8314323: Implement JEP 527: TLS 1.3 Hybrid Key Exchange [v11]

Hai-May Chao hchao at openjdk.org
Fri Dec 5 16:37:09 UTC 2025


On Thu, 4 Dec 2025 14:50:32 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   Remove null check to not assume key is returned
>
> src/java.base/share/classes/sun/security/ssl/Hybrid.java line 459:
> 
>> 457: 
>> 458:         static boolean isXDH(String name) {
>> 459:             return name != null && name.equals("X25519");
> 
> Can `name` in the two methods above be null? This might be hiding a bug.
> 
> Also, I think it's not worth putting them into a separate class `APS`.

Removed class `APS` (and checking null name).

> src/java.base/share/classes/sun/security/ssl/KAKeyDerivation.java line 184:
> 
>> 182:                     KEM.getInstance(algorithmName, provider) :
>> 183:                     KEM.getInstance(algorithmName);
>> 184:             KEM.Encapsulator e = kem.newEncapsulator(pk);
> 
> `newEncapsulator` is called without a `SecureRandom` argument. Is this intended? Otherwise, we had a chance to pass in a user-provided random when `KEMSenderPossession` is created and it can be passed here.

Fixed. Creating a `KEMSenderPossession` should have started with a `SecureRandom`.

> src/java.base/share/classes/sun/security/ssl/KEMKeyExchange.java line 116:
> 
>> 114:         private final PublicKey publicKey;
>> 115: 
>> 116:         KEMReceiverPossession(NamedGroup namedGroup, SecureRandom random) {
> 
> `random` is ignored. Is this intended?

Fixed. `random` should be used in `kpg.initialize()`.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/27614#discussion_r2593270703
PR Review Comment: https://git.openjdk.org/jdk/pull/27614#discussion_r2593271507
PR Review Comment: https://git.openjdk.org/jdk/pull/27614#discussion_r2593271045
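
The two fixes acknowledged above both forward a caller-supplied `SecureRandom`: into `kpg.initialize()` on the receiver side and into `newEncapsulator()` on the sender side. The following is an added example, not code from the PR or from OpenJDK. It assumes JDK 21 or later, uses the public `javax.crypto.KEM` API with `DHKEM` over X25519 as a stand-in for the hybrid groups, and uses a hypothetical `CountingRandom` helper to check that the supplied source is actually drawn from.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.spec.NamedParameterSpec;
import java.util.Arrays;
import javax.crypto.KEM;
import javax.crypto.SecretKey;

public class KemRandomPlumbing {
    // Hypothetical test helper: counts how often a provider draws bytes from it.
    static final class CountingRandom extends SecureRandom {
        int calls;
        @Override public void nextBytes(byte[] bytes) {
            calls++;
            super.nextBytes(bytes);
        }
    }

    public static void main(String[] args) throws Exception {
        CountingRandom random = new CountingRandom();
        int start = random.calls;

        // Receiver side: pass the caller's random to the key pair generator.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("X25519");
        kpg.initialize(NamedParameterSpec.X25519, random);
        KeyPair receiver = kpg.generateKeyPair();
        int afterKeyGen = random.calls;

        // Sender side: two-argument newEncapsulator, so the ephemeral key
        // comes from the same caller-supplied source.
        KEM kem = KEM.getInstance("DHKEM");
        KEM.Encapsulator enc = kem.newEncapsulator(receiver.getPublic(), random);
        KEM.Encapsulated out = enc.encapsulate();
        int afterEncap = random.calls;

        // Receiver recovers the shared secret from the encapsulation message.
        KEM.Decapsulator dec = kem.newDecapsulator(receiver.getPrivate());
        SecretKey shared = dec.decapsulate(out.encapsulation());

        if (afterKeyGen == start)
            throw new AssertionError("key generation ignored the supplied random");
        if (afterEncap == afterKeyGen)
            throw new AssertionError("encapsulation ignored the supplied random");
        if (!Arrays.equals(shared.getEncoded(), out.key().getEncoded()))
            throw new AssertionError("sender and receiver secrets differ");
        System.out.println("supplied random used on both sides; secrets match");
    }
}
```

A counting wrapper like this can back a regression test: if a constructor accepts a `SecureRandom` and then drops it, the counter stays unchanged and the check fails.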

