List: openjdk-core-libs-dev
Subject: Re: Please review EdDSA API
From: Adam Petcher <adam.petcher () oracle ! com>
Date: 2018-07-25 15:07:53
Message-ID: 3801e4b5-8df4-6201-6d3f-6689fdb7f00d () oracle ! com
+core-libs-dev for additional API expertise.
On 7/25/2018 10:29 AM, Adam Petcher wrote:
> The draft CSR[1] for the EdDSA API[2] is ready for review. Please take
> a look and send me any feedback you may have. Here are a few
> high-level notes to explain the API:
>
> 1) Where possible, this API is similar to the API for X25519/X448. To
> get the complete background/motivation for the API design, you can
> review the discussion[3] on this topic.
> 2) Similar to X25519/X448, private keys are byte arrays, and public
> keys are coordinates. Though we can't get by with a single BigInteger
> coordinate for EdDSA, so I am using the new EdPoint class to hold the
> coordinates.
> 3) EdDSA has multiple signature modes defined in the RFC[4], including
> some that "prehash" the input before signing. The draft API uses the
> EdDSAParameterSpec class to specify parameters of these modes. The
> standard does not allow an arbitrary choice of prehash function, so
> the API for EdDSA does not support algorithm names like
> "SHA256withEdDSA".
>
> [1] https://wiki.openjdk.java.net/display/csr/Main
> [2] https://bugs.openjdk.java.net/browse/JDK-8190219
> [3]
> http://mail.openjdk.java.net/pipermail/security-dev/2017-September/016325.html
> [4] https://tools.ietf.org/html/rfc8032
>