RFR: 8346129: Simplify EdDSA & XDH curve name usage [v6]
Anthony Scarpino
ascarpino at openjdk.org
Tue Mar 25 22:30:10 UTC 2025
On Tue, 25 Mar 2025 19:40:13 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>>
>> comments on test
>
> src/java.base/share/classes/sun/security/util/KeyUtil.java line 183:
>
>> 181: * DisabledAlgorithmConstraints (DAC), this distinction is important.
>> 182: * "EdDSA" means all curves for DAC, but when using it with
>> 183: * KeyPairGenerator, "EdDSA" means "Ed25519".
>
> Maybe just say this allows more precise check for DAC. For `KeyPairGenerator`, "EdDSA" by default means "Ed25519", but you can always call `init(NamedParameterSpec.ED448)` to change it.
I see what your saying, but I was only explaining when EdDSA & Ed25519 can mean the same with KPG. As this is an internal method, I wasn't trying to explaining how to generate an Ed488 key.
> test/jdk/sun/security/util/AlgorithmConstraints/DisabledAlgorithmPermits.java line 8:
>
>> 6: * under the terms of the GNU General Public License version 2 only, as
>> 7: * published by the Free Software Foundation. Oracle designates this
>> 8: * particular file as subject to the "Classpath" exception as provided
>
> The copyright notice for a test does not need the "Classpath" exception.
All these years I never noticed the test and src copyrights were different.
> test/jdk/sun/security/util/AlgorithmConstraints/DisabledAlgorithmPermits.java line 173:
>
>> 171: record TestCase(int testType, String testAlgo, boolean expected) {
>> 172: TestCase(String testAlgo, boolean expected) {
>> 173: this( 0, testAlgo, expected);
>
> Remove the space before '0'.
ah.. intellij hid that from me
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23647#discussion_r2013020628
PR Review Comment: https://git.openjdk.org/jdk/pull/23647#discussion_r2013021710
PR Review Comment: https://git.openjdk.org/jdk/pull/23647#discussion_r2013021601
More information about the security-dev
mailing list