RFR 8171277: Elliptic Curves for Security in Crypto (part 2)

Adam Petcher adam.petcher at oracle.com
Tue Mar 27 20:23:20 UTC 2018

After the last code review[1] on this topic completed, it was suggested 
that I add some more "spec enforcement" to the XDH service. The code 
hasn't been integrated yet, so I'm doing this as a follow-on review 
under the same ticket. The latest webrev contains only the diff from the 
end of the last review.

JBS: https://bugs.openjdk.java.net/browse/JDK-8171277
Webrev: http://cr.openjdk.java.net/~apetcher/8171277/webrev.03/

(note: you can look at webrev.02 to see the code at the end of the last 

For XDH, we are adding the algorithm names "X25519" and "X448", because 
these names are more widely known than "XDH". This leaves us with the 
problem of whether things like this should be allowed:

var kpg = KeyPairGenerator.getInstance("X448");
kpg.initialize(new NamedParameterSpec("X25519"));

To promote good code hygiene, the implementation in SunEC will reject 
all confusing combinations like this in all XDH services. Programmers 
can still use the "XDH" algorithm name to get a service that allows all 
supported parameters and key sizes.


More information about the security-dev mailing list