RFR 8171277: Elliptic Curves for Security in Crypto

Adam Petcher adam.petcher at oracle.com
Tue Mar 20 16:29:52 UTC 2018

Latest webrev: http://cr.openjdk.java.net/~apetcher/8171277/webrev.02/

This webrev incorporates the changes from the field arithmetic code (in 
my other code review), as well as changes from Sean's comments.

On 3/15/2018 2:46 PM, Sean Mullan wrote:
> I reviewed the rest of the code and only have 2 other comments:
> * XECIterative.java
> 53: typo s/taks/takes
> * Convert.java
> Since these are static methods that could be useful to other 
> regression tests, consider moving this to a test library location and 
> using the jtreg @library label. However, I'm ok if you don't do this 
> now - we can always do it later.
> --Sean
> On 3/12/18 3:03 PM, Sean Mullan wrote:
>> On 3/9/18 8:25 AM, Adam Petcher wrote:
>>> New webrev: http://cr.openjdk.java.net/~apetcher/8171277/webrev.01/
>>>> I think somewhere there should be a sentence or two on the 
>>>> difference between XECKeys and ECKeys and when you would want to 
>>>> use each. This is important enough that I think some detail should 
>>>> be in the javadoc to help users distinguish them. Perhaps put it in 
>>>> the XEC class description. Maybe more details can go in the JCA 
>>>> security guide.
>>> I added a sentence to the comments in XECKey, but I'm not sure how 
>>> much we should say here. I don't know if we should get into 
>>> mathematical details. Take a look at the new wording and let me know 
>>> if I should add more information.
>> Looks good. I would probably also put a similar sentence in the 
>> XECPublicKey and XECPrivateKey classes just so it is not missed.
>> All other changes look good.
>> --Sean

More information about the security-dev mailing list