
List:       openjdk-security-dev
Subject:    Re: Correction: Re: RFC8410 (in)compatibility
From:       Weijun Wang <WEIJUN.WANG () ORACLE ! COM>
Date:       2020-08-29 16:03:10
Message-ID: AA2E9174-829C-47C8-B5E2-2C66169311F3 () ORACLE ! COM

In JDK 15, a Signature.getInstance("Ed25519") would also reject a key generated from KeyPairGenerator.getInstance("X25519"). It accepts a key from KeyPairGenerator.getInstance("Ed25519").

Thanks,
Max

> On Aug 29, 2020, at 10:14 AM, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
> The RFC8410 author claims that the public key featured in the "self-issued" certificate is NOT related to the signature key. The answer to my question is thus (?) that "Signature" should (as BC does) reject X25519 keys.
> All is good :-)
> 
> Anders
> 
> On 2020-08-28 16:07, Anders Rundgren wrote:
> > On 2020-08-28 15:58, Weijun Wang wrote:
> > > Is "Ed25519" what you need? It's not available in JDK 11. See https://bugs.openjdk.java.net/browse/JDK-8199231.
> > I know, that's why I wrote that I currently use BC (BouncyCastle).
> > My question is thus applicable to JDK 15.  BC apparently rejects X25519 signature keys.  Probably for a reason.
> > Regards,
> > Anders
> > > 
> > > —Max
> > > 
> > > > On Aug 28, 2020, at 9:55 AM, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
> > > > On 2020-08-28 15:41, Weijun Wang wrote:
> > > > > What version of java are you using and what's your command to generate the key pair?
> > > > 
> > > > Hi Max,
> > > > 
> > > > While waiting for JDK 15, I'm currently using JDK11 and BC but the question is really about the Signature object specification.
> > > > KeyPairGenerator kpg = KeyPairGenerator.getInstance("X25519");
> > > > KeyPair kp = kpg.generateKeyPair();
> > > > 
> > > > A self-signed X25519 certificate would require that a X25519 key is useful as a signature key.
> > > > Note: I'm not proposing such a feature, I'm just trying to understand :)
> > > > 
> > > > Regards,
> > > > Anders
> > > > > Thanks,
> > > > > Max
> > > > > > On Aug 28, 2020, at 7:03 AM, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
> > > > > > Hi Crypto Experts,
> > > > > > 
> > > > > > Please pardon my ignorance regarding curve25519, but I ran into problems [*] trying to recreate the sample certificate: https://tools.ietf.org/html/rfc8410#section-10.2
> > > > > > It seems that the certificate is signed with a key intended for ECDH.
> > > > > > Question: is Java's "Signature" object supposed to accept X25519 keys?
> > > > > > 
> > > > > > Personally I don't see any use of a self-signed encryption certificate so maybe this is just a bad example...kind of edge case.
> > > > > > Regards,
> > > > > > Anders Rundgren
> > > > > > 
> > > > > > *] java.security.InvalidKeyException: cannot identify EdDSA private key
> > > > 
> > > 
> 
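The behaviour described at the top of this message, as an added example that is not part of the thread or of the JDK sources: on JDK 15 or later it feeds both an Ed25519 and an X25519 key pair to the "Ed25519" Signature, records which one the provider rejects with InvalidKeyException, and then uses the X25519 pair for the purpose it is actually defined for (a KeyAgreement). The class name, the message text and the helper are assumptions made for this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import javax.crypto.KeyAgreement;

// Added example, not code from the mailing-list thread. Requires JDK 15+ (Ed25519 in the
// SunEC provider); on JDK 11 only the X25519 half of the example is available.
public class Rfc8410KeyCheck {

    // Try to sign and verify a constructed message with the "Ed25519" Signature.
    // Returns true when the key pair is accepted and the signature verifies, false when
    // the provider rejects the key type with InvalidKeyException.
    static boolean usableWithEd25519Signature(KeyPair kp) throws GeneralSecurityException {
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        Signature sig = Signature.getInstance("Ed25519");
        try {
            sig.initSign(kp.getPrivate());
        } catch (InvalidKeyException e) {
            // This is the path an X25519 key takes: the key is not an EdEC key.
            System.out.println("rejected " + kp.getPrivate().getAlgorithm()
                    + " key: " + e.getMessage());
            return false;
        }
        sig.update(msg);
        byte[] signature = sig.sign();
        sig.initVerify(kp.getPublic());
        sig.update(msg);
        return sig.verify(signature);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPair ed = KeyPairGenerator.getInstance("Ed25519").generateKeyPair();
        KeyPair x = KeyPairGenerator.getInstance("X25519").generateKeyPair();

        System.out.println("Ed25519 pair accepted by Signature: " + usableWithEd25519Signature(ed));
        System.out.println("X25519 pair accepted by Signature:  " + usableWithEd25519Signature(x));

        // An X25519 key is a key-agreement key (RFC 8410 OID id-X25519), not a signing key:
        // derive a shared secret against a second, constructed X25519 pair instead.
        KeyPair peer = KeyPairGenerator.getInstance("X25519").generateKeyPair();
        KeyAgreement ka = KeyAgreement.getInstance("X25519");
        ka.init(x.getPrivate());
        ka.doPhase(peer.getPublic(), true);
        byte[] shared = ka.generateSecret();
        System.out.println("X25519 key agreement produced " + shared.length + " secret bytes");
    }
}
```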

