RFR: 8189441: Define algorithm names for keys derived from KeyAgreement [v2]
Sean Mullan
mullan at openjdk.org
Fri Jan 3 13:43:43 UTC 2025
On Wed, 18 Dec 2024 22:33:28 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Allow `Generic` as an algorithm in the `KeyAgreement::generateSecret(alg)` method.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> add key size adjustment clarification
src/java.base/share/classes/com/sun/crypto/provider/DHKeyAgreement.java line 423:
> 421: return skey;
> 422: } else if (KeyUtil.isSupportedKeyAgreementOutputAlgorithm(algorithm)) {
> 423: // remove leading zero bytes per RFC 5246 Section 8.1.2
Maybe move this comment after line 424 inside the `if` block.
src/java.base/share/classes/javax/crypto/KeyAgreement.java line 662:
> 660: * subsequent operations.
> 661: *
> 662: * @param algorithm the requested secret-key algorithm. This is
Did you consider instead referencing the new section you are adding for standard key algorithm names (https://bugs.openjdk.org/browse/JDK-8346736)? It could be reworded as:
"See the Key Algorithms section in the Java Security Standard Algorithm Names Specification for information about standard secret key algorithm names. Use "Generic" ..."
test/jdk/java/security/KeyAgreement/Generic.java line 28:
> 26: * @bug 8189441
> 27: * @library /test/lib /test/jdk/sun/security/pkcs11
> 28: * @summary make sure Generic is accepted by all KeyAgreement
Suggest: s/KeyAgreement/KeyAgreement implementations/
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22650#discussion_r1901783329
PR Review Comment: https://git.openjdk.org/jdk/pull/22650#discussion_r1901796238
PR Review Comment: https://git.openjdk.org/jdk/pull/22650#discussion_r1901788258
More information about the security-dev
mailing list