RFR: 8346129: Simplify EdDSA & XDH curve name usage [v6]
Weijun Wang
weijun at openjdk.org
Tue Mar 25 22:35:13 UTC 2025
On Tue, 25 Mar 2025 22:26:17 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/util/KeyUtil.java line 183:
>>
>>> 181: * DisabledAlgorithmConstraints (DAC), this distinction is important.
>>> 182: * "EdDSA" means all curves for DAC, but when using it with
>>> 183: * KeyPairGenerator, "EdDSA" means "Ed25519".
>>
>> Maybe just say this allows more precise check for DAC. For `KeyPairGenerator`, "EdDSA" by default means "Ed25519", but you can always call `init(NamedParameterSpec.ED448)` to change it.
>
> I see what your saying, but I was only explaining when EdDSA & Ed25519 can mean the same with KPG. As this is an internal method, I wasn't trying to explaining how to generate an Ed488 key.
OK.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23647#discussion_r2013025675
More information about the security-dev
mailing list