RFR: 8347938: Add Support for the Latest ML-KEM and ML-DSA Private Key Encodings [v10]
Weijun Wang
weijun at openjdk.org
Fri Jan 23 14:45:14 UTC 2026
On Thu, 22 Jan 2026 13:11:23 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 14 commits:
>>
>> - Merge branch 'master' into 8347938
>> - one RFC; some java.security word changes
>> - fixed merge error
>> - merge
>> - merge
>> - Ben comment
>> - combine security properties description; remove one test
>> - Merge branch 'master' into 8347938
>> - KeyChoices class
>> - allow expanded to be null
>> - ... and 4 more: https://git.openjdk.org/jdk/compare/20bd178b...dfbcaa09
>
> src/java.base/share/conf/security/java.security line 1662:
>
>> 1660: # PKCS #8 encoding format for newly created ML-KEM and ML-DSA private keys
>> 1661: #
>> 1662: # draft-ietf-lamps-kyber-certificates-11 and RFC 9881 define three possible formats for a private key:
>
> This line looks a bit longer than 80 chars.
Oh, I intentionally did it so when the I-D becomes an RFC, the line is not too long and not too short.
I can make it short now and rearrange the lines later.
> test/jdk/sun/security/provider/named/NamedKeys.java line 26:
>
>> 24: /*
>> 25: * @test
>> 26: * @bug 8347938 8347941
>
> Remove 8347941, it is a dup of 8347938.
Good catch. I'll remove all mentioning of it.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24969#discussion_r2721482610
PR Review Comment: https://git.openjdk.org/jdk/pull/24969#discussion_r2721486906
More information about the security-dev
mailing list