RFR: 8325448: Hybrid Public Key Encryption [v11]

Weijun Wang weijun at openjdk.org
Thu Mar 13 20:30:06 UTC 2025 

On Thu, 13 Mar 2025 19:55:40 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
>> ![HPKEParameterSpec](https://github.com/user-attachments/assets/8cc7101b-92d1-43be-b7b4-24a7ba449231)
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
> 
>   getParameters

I’ve pushed a new commit that allows the sender to retrieve the actual algorithm identifiers used. These identifiers should typically be sent along with the key encapsulation message when establishing an HPKE encryption channel, enabling the receiver to construct the same `HPKEParameterSpec` to initialize their cipher. This is reflected in the updated example in the class spec.

Furthermore, I almost believe the receiver should not be allowed to initialize an HPKE cipher with an `HPKEParameterSpec` that has unspecified algorithm identifiers. This becomes especially important if different HPKE implementations have different defaults. What do you think? Or, we can just leave this to callers?

-------------

PR Comment: https://git.openjdk.org/jdk/pull/18411#issuecomment-2722616174

More information about the security-dev mailing list