RFR: 8325448: Hybrid Public Key Encryption [v18]
Weijun Wang
weijun at openjdk.org
Thu May 1 16:38:50 UTC 2025
On Thu, 1 May 2025 15:15:51 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>>
>> engineGetBlockSize and engineGetOutputSize returns 0 when not initialized
>
> src/java.base/share/classes/javax/crypto/spec/snippet-files/PackageSnippets.java line 60:
>
>> 58: HPKEParameterSpec pr = HPKEParameterSpec
>> 59: .of(actual.kem_id(), actual.kdf_id(), actual.aead_id())
>> 60: .info("app_info".getBytes(StandardCharsets.UTF_8))
>
> Question, not necessarily a comment. Why is info also needed for decryption? Isn't it only needed on the encryption side when deriving the key?
Both side uses `info` to [create the key schedule](https://github.com/openjdk/jdk/blob/a4f59e388f951d84f8eb28048e3af04a53291806/src/java.base/share/classes/com/sun/crypto/provider/HPKE.java#L463-L466).
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2070488856
More information about the security-dev
mailing list