RFR 8171277: Elliptic Curves for Security in Crypto
adam.petcher at oracle.com
Tue Mar 20 16:29:52 UTC 2018
Latest webrev: http://cr.openjdk.java.net/~apetcher/8171277/webrev.02/
This webrev incorporates the changes from the field arithmetic code (in
my other code review), as well as changes from Sean's comments.
On 3/15/2018 2:46 PM, Sean Mullan wrote:
> I reviewed the rest of the code and only have 2 other comments:
> * XECIterative.java
> 53: typo s/taks/takes
> * Convert.java
> Since these are static methods that could be useful to other
> regression tests, consider moving this to a test library location and
> using the jtreg @library label. However, I'm ok if you don't do this
> now - we can always do it later.
> On 3/12/18 3:03 PM, Sean Mullan wrote:
>> On 3/9/18 8:25 AM, Adam Petcher wrote:
>>> New webrev: http://cr.openjdk.java.net/~apetcher/8171277/webrev.01/
>>>> I think somewhere there should be a sentence or two on the
>>>> difference between XECKeys and ECKeys and when you would want to
>>>> use each. This is important enough that I think some detail should
>>>> be in the javadoc to help users distinguish them. Perhaps put it in
>>>> the XEC class description. Maybe more details can go in the JCA
>>>> security guide.
>>> I added a sentence to the comments in XECKey, but I'm not sure how
>>> much we should say here. I don't know if we should get into
>>> mathematical details. Take a look at the new wording and let me know
>>> if I should add more information.
>> Looks good. I would probably also put a similar sentence in the
>> XECPublicKey and XECPrivateKey classes just so it is not missed.
>> All other changes look good.
More information about the security-dev