RFR 8171277: Elliptic Curves for Security in Crypto

Adam Petcher adam.petcher at oracle.com
Tue Mar 20 16:29:52 UTC 2018


Latest webrev: http://cr.openjdk.java.net/~apetcher/8171277/webrev.02/

This webrev incorporates the changes from the field arithmetic code (in 
my other code review), as well as changes from Sean's comments.


On 3/15/2018 2:46 PM, Sean Mullan wrote:
> I reviewed the rest of the code and only have 2 other comments:
>
> * XECIterative.java
>
> 53: typo s/taks/takes
>
> * Convert.java
>
> Since these are static methods that could be useful to other 
> regression tests, consider moving this to a test library location and 
> using the jtreg @library label. However, I'm ok if you don't do this 
> now - we can always do it later.
>
> --Sean
>
> On 3/12/18 3:03 PM, Sean Mullan wrote:
>> On 3/9/18 8:25 AM, Adam Petcher wrote:
>>> New webrev: http://cr.openjdk.java.net/~apetcher/8171277/webrev.01/
>>>
>>
>>>> I think somewhere there should be a sentence or two on the 
>>>> difference between XECKeys and ECKeys and when you would want to 
>>>> use each. This is important enough that I think some detail should 
>>>> be in the javadoc to help users distinguish them. Perhaps put it in 
>>>> the XEC class description. Maybe more details can go in the JCA 
>>>> security guide.
>>>
>>> I added a sentence to the comments in XECKey, but I'm not sure how 
>>> much we should say here. I don't know if we should get into 
>>> mathematical details. Take a look at the new wording and let me know 
>>> if I should add more information.
>>
>> Looks good. I would probably also put a similar sentence in the 
>> XECPublicKey and XECPrivateKey classes just so it is not missed.
>>
>> All other changes look good.
>>
>> --Sean



More information about the security-dev mailing list