RFR 8171277: Elliptic Curves for Security in Crypto

Sean Mullan sean.mullan at oracle.com
Thu Mar 15 18:46:40 UTC 2018


I reviewed the rest of the code and only have 2 other comments:

* XECIterative.java

53: typo s/taks/takes

* Convert.java

Since these are static methods that could be useful to other regression 
tests, consider moving this to a test library location and using the 
jtreg @library label. However, I'm ok if you don't do this now - we can 
always do it later.

--Sean

On 3/12/18 3:03 PM, Sean Mullan wrote:
> On 3/9/18 8:25 AM, Adam Petcher wrote:
>> New webrev: http://cr.openjdk.java.net/~apetcher/8171277/webrev.01/
>>
> 
>>> I think somewhere there should be a sentence or two on the difference 
>>> between XECKeys and ECKeys and when you would want to use each. This 
>>> is important enough that I think some detail should be in the javadoc 
>>> to help users distinguish them. Perhaps put it in the XEC class 
>>> description. Maybe more details can go in the JCA security guide.
>>
>> I added a sentence to the comments in XECKey, but I'm not sure how 
>> much we should say here. I don't know if we should get into 
>> mathematical details. Take a look at the new wording and let me know 
>> if I should add more information.
> 
> Looks good. I would probably also put a similar sentence in the 
> XECPublicKey and XECPrivateKey classes just so it is not missed.
> 
> All other changes look good.
> 
> --Sean


More information about the security-dev mailing list