RFR: 8347938: Switch to latest ML-KEM private key encoding [v7]
Weijun Wang
weijun at openjdk.org
Wed Sep 10 23:06:29 UTC 2025
> The private key encoding formats of ML-KEM and ML-DSA are updated to match the latest IETF drafts at: https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-11 and https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-10. New security/system properties are introduced to determine which CHOICE a private key is encoded when a new key pair is generated or when `KeyFactory::translateKey` is called.
>
> By default, the choice is "seed".
>
> Both the encoding and the expanded format are stored inside a `NamedPKCS8Key` now. When loading from a PKCS #8 key, the expanded format is calculated from the input if it's seed only.
Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 10 commits:
- merge
- Ben comment
- combine security properties description; remove one test
- Merge branch 'master' into 8347938
- KeyChoices class
- allow expanded to be null
- merge
- Merge
- safer privKeyToPubKey; updated desciptions for the properties; adding braces to if blocks
- the fix
-------------
Changes: https://git.openjdk.org/jdk/pull/24969/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24969&range=06
Stats: 2219 lines in 22 files changed: 1460 ins; 548 del; 211 mod
Patch: https://git.openjdk.org/jdk/pull/24969.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/24969/head:pull/24969
PR: https://git.openjdk.org/jdk/pull/24969
More information about the security-dev
mailing list