RFR: 8368841: X25519 implementation differs from the specification in RFC 7748

Ferenc Rakoczi duke at openjdk.org
Tue Feb 17 13:50:31 UTC 2026


On Tue, 17 Feb 2026 01:52:57 GMT, Ben Perez <bperez at openjdk.org> wrote:

> Our implementation of X25519 does not zero the MSB of the `u` coordinate as required by RFC 7748. Currently the test `jdk/sun/security/ec/xec/TestXDH.java` zeroes the bit manually while parsing test vectors, which is likely why this went uncaught.

Looks good to me.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/29750#issuecomment-3914801000


