RFR: 8325448: Hybrid Public Key Encryption [v3]
Kevin Driver
kdriver at openjdk.org
Fri Feb 28 17:03:54 UTC 2025
On Thu, 27 Feb 2025 03:22:18 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
>>
>> 
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> example and KAT
src/java.base/share/classes/com/sun/crypto/provider/HPKE.java line 582:
> 580: // deriveData must be called because we need to increment nonce, the info must be allowed
> 581: var base_nonce = kdf.deriveData(secret_x.thenExpand(DHKEM.labeledInfo(suite_id, "base_nonce".getBytes(StandardCharsets.UTF_8),
> 582: key_schedule_context, aead.Nn), aead.Nn));
There are a few more of the in-lining with a length call here, but I assume you have more control over these values and/or some assurance that they aren't negative.
src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 187:
> 185: * Java Security Standard Algorithm Names
> 186: * @since 25
> 187: */
Overall, this is a nice write-up. I may do another pass on just this later.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r1975736747
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r1975738381