JEP for X25519/X448 key agreement

Adam Petcher adam.petcher at oracle.com
Thu Sep 14 16:59:51 UTC 2017


The JEP for X25519/X448 key agreement[1] is now available and ready to review. Please take a look and reply with any feedback you have.

The JEP contains a description of the proposed JCA API. We have discussed the API on this mailing list, and I have attempted to incorporate all the feedback I have received. Here is a description of the changes since the last discussion:

  1. Multiple people requested more specific types for public/private keys for this algorithm. The latest API design mirrors the "EC" hierarchy and has both interfaces and spec classes for public and private keys. I also added the interface "XDHKey", which serves the same purpose as "ECKey".
  2. The representation of public keys was changed from byte[] to a BigInteger which holds the u coordinate of the point. Private keys are still represented using byte[] due to complications related to pruning, and also because BigInteger doesn't provide a branch-free way to get the key into another representation (which is necessary for side-channel-resilient implementations).

The proposed API still lacks a standard way to specify arbitrary domain parameters, but I believe the API design could be extended to support this feature. I would prefer to add this API as a separate enhancement in the future, preferably in cooperation with someone who is developing a provider that supports this feature.

[1] https://bugs.openjdk.java.net/browse/JDK-8181595
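A worked example of the key-agreement flow the proposal describes (public key exchanged as the u coordinate, private key kept as provider-managed bytes), added here and not part of the mail or the JEP. It assumes the API as it shipped in JDK 11 under JEP 324, where the interface names ended up as XECKey/XECPublicKey rather than the "XDHKey" naming in this draft; the peer's u coordinate is imported through XECPublicKeySpec and the all-zero shared-secret check from RFC 7748 is applied explicitly.

```java
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.XECPublicKey;
import java.security.spec.NamedParameterSpec;
import java.security.spec.XECPublicKeySpec;
import java.util.Arrays;
import javax.crypto.KeyAgreement;

public class XdhAgreementDemo {

    // Compute the shared secret between our private key and a peer public key
    // that arrived as a bare u coordinate (the representation the JEP chose).
    static byte[] agree(PrivateKey ourPrivate, BigInteger peerU, String curve)
            throws GeneralSecurityException {
        KeyFactory kf = KeyFactory.getInstance("XDH");
        PublicKey peerPublic = kf.generatePublic(
                new XECPublicKeySpec(new NamedParameterSpec(curve), peerU));
        KeyAgreement ka = KeyAgreement.getInstance("XDH");
        ka.init(ourPrivate);
        ka.doPhase(peerPublic, true);
        byte[] secret = ka.generateSecret();
        // RFC 7748 section 6.1: an all-zero output means the peer supplied a
        // low-order point; treat it as a failed agreement rather than a key.
        // The JDK provider rejects this case itself; the check is kept so the
        // requirement is visible when another provider is plugged in.
        boolean allZero = true;
        for (byte b : secret) allZero &= (b == 0);
        if (allZero) throw new GeneralSecurityException("low-order peer point");
        return secret;
    }

    public static void main(String[] args) throws Exception {
        for (String curve : new String[] {"X25519", "X448"}) {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("XDH");
            kpg.initialize(new NamedParameterSpec(curve));
            KeyPair alice = kpg.generateKeyPair();
            KeyPair bob = kpg.generateKeyPair();
            // Each side publishes only the u coordinate of its public key.
            BigInteger aliceU = ((XECPublicKey) alice.getPublic()).getU();
            BigInteger bobU = ((XECPublicKey) bob.getPublic()).getU();
            byte[] fromAlice = agree(alice.getPrivate(), bobU, curve);
            byte[] fromBob = agree(bob.getPrivate(), aliceU, curve);
            System.out.println(curve + " secrets match: "
                    + Arrays.equals(fromAlice, fromBob)
                    + " (" + fromAlice.length + " bytes)");
        }
    }
}
```

Both sides derive the same 32-byte (X25519) or 56-byte (X448) secret; feed it to a KDF rather than using it directly as a key.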



More information about the security-dev mailing list