RFR: 8368841: X25519 implementation differs from the specification in RFC 7748 [v3]
Weijun Wang
weijun at openjdk.org
Thu Feb 26 22:49:06 UTC 2026
On Tue, 24 Feb 2026 02:10:37 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> Ben Perez has updated the pull request incrementally with one additional commit since the last revision:
>>
>> removed parsing functionality in TestXDH that manually clears MSB
>
> src/java.base/share/classes/sun/security/ec/XDHPublicKeyImpl.java line 59:
>
>> 57:
>> 58: // RFC 7748 Section 5 requires the MSB of `u` to be zeroed for X25519
>> 59: this.u = params.getName().equals("X448") ? u.mod(params.getP()) :
>
> I think it would be cleaner to compare `NamedParameterSpec` instead of the String. `(paramSpec == NamedParameterSpec.X448) ?`. For here and the other constructor.
But `paramSpec` is newly created and it won't be the same as the one defined in the class.
On the other hand, I do think we can compare `params` itself. It's only useful internally and there are only 2 instances.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/29750#discussion_r2861655441
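
The two points discussed in this message, as an added example that is not code from the pull request or the JDK: a freshly constructed `NamedParameterSpec` is a different object from the `NamedParameterSpec.X448` constant even when the names match, and the RFC 7748 Section 5 handling of a received u-coordinate (mask the most significant bit for X25519, then reduce modulo p). The class name `XdhUNormalization` and the method `normalizeU` are hypothetical, and the inputs in `main` are constructed.

```java
import java.math.BigInteger;
import java.security.spec.NamedParameterSpec;

// Added illustration; class and method names are hypothetical, not JDK internals.
public class XdhUNormalization {
    // Field primes from RFC 7748: 2^255 - 19 and 2^448 - 2^224 - 1.
    static final BigInteger P25519 =
        BigInteger.TWO.pow(255).subtract(BigInteger.valueOf(19));
    static final BigInteger P448 =
        BigInteger.TWO.pow(448).subtract(BigInteger.TWO.pow(224)).subtract(BigInteger.ONE);

    // Normalize a received u-coordinate as RFC 7748 Section 5 describes.
    // Assumes u was decoded from a 32-byte (X25519) or 56-byte (X448) encoding.
    static BigInteger normalizeU(NamedParameterSpec spec, BigInteger u) {
        if (u.signum() < 0) {
            throw new IllegalArgumentException("u must be non-negative");
        }
        // Compare by name: the caller may pass a freshly constructed spec object,
        // which is never reference-equal to the NamedParameterSpec constants.
        switch (spec.getName()) {
            case "X25519":
                // Clear bit 255 (the MSB of the final byte), then accept
                // non-canonical values by reducing them modulo p.
                return u.clearBit(255).mod(P25519);
            case "X448":
                // No masking for X448; only the reduction modulo p applies.
                return u.mod(P448);
            default:
                throw new IllegalArgumentException("unsupported curve: " + spec.getName());
        }
    }

    public static void main(String[] args) {
        // Reference comparison versus name comparison on a new spec object.
        NamedParameterSpec fresh = new NamedParameterSpec("X448");
        System.out.println("same reference: " + (fresh == NamedParameterSpec.X448));
        System.out.println("same name:      "
            + fresh.getName().equals(NamedParameterSpec.X448.getName()));

        // Constructed inputs: u = 9 with bit 255 set, and the non-canonical value p + 9.
        BigInteger nine = BigInteger.valueOf(9);
        BigInteger msbSet = nine.setBit(255);
        BigInteger nonCanonical = P25519.add(nine);
        System.out.println("X25519 masked:  " + normalizeU(NamedParameterSpec.X25519, msbSet));
        System.out.println("X25519 reduced: " + normalizeU(NamedParameterSpec.X25519, nonCanonical));
        System.out.println("X448 reduced:   " + normalizeU(fresh, P448.add(nine)));
    }
}
```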