RFR: 8347938: Switch to latest ML-KEM private key encoding [v2]

Weijun Wang weijun at openjdk.org
Fri Jan 31 16:57:14 UTC 2025


> The private key encoding formats of ML-KEM and ML-DSA are updated to match the latest IETF drafts at: https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-06 and https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-07. Most importantly, the seed used to generate a key pair is now stored in the private key.
> 
> Both the seed and the expanded format are stored inside a `NamedPKCS8Key` now. When loading from a PKCS #8 key that contains the seed, both fields will be filled. If the PKCS #8 encoding only contains the expanded key (which does not conform to the current drafts but might have been created earlier), the expanded key will be read and used in KEM and signature operations.

Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:

  add more checks into a test

-------------

Changes:
  - all: https://git.openjdk.org/jdk/pull/23376/files
  - new: https://git.openjdk.org/jdk/pull/23376/files/cab4fc16..4ce726b5

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=jdk&pr=23376&range=01
 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=23376&range=00-01

  Stats: 1220 lines in 2 files changed: 562 ins; 510 del; 148 mod
  Patch: https://git.openjdk.org/jdk/pull/23376.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/23376/head:pull/23376

PR: https://git.openjdk.org/jdk/pull/23376

