On 8/8/2017 8:45 AM, Anders Rundgren wrote:
On 2017-08-08 17:25, Adam Petcher wrote:

It sounds like what you are saying is
that I will need something like XDHPublicKey and XDHPrivateKey in
java.security.interfaces. Can you tell me why? What is it that we can't
do without these interfaces?

Every JOSE Java library I have seen constructs and deconstructs RSA and EC keys based on JWK definitions. Maybe we don't need XDH keys but it would be nice to
hear what the solution would be without such.

Then there's a lot of stuff out there like this which also needs some
explanations on how to enhance with RFC7748 on board:

Object myOwnEncrypt(PublicKey publicKey) throws SecurityException {
    if (publicKey instanceof RSAKey) {
      // RSA
    } else {
      // It should be EC
    }
}

The code above is not reliable unless one understands the underlying JCA/JCE provider behavior exactly this way. For a certain provider, an RSA key may not be an instance of RSAKey. I would use key.getAlgorithm() instead.

Xuelei

CC:ing the creator of OKP keys.

https://tools.ietf.org/html/rfc8037#section-2

Anders
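
The key.getAlgorithm() check suggested in the reply above, as an added example that is not code from the thread or from the JDK. KeyDispatch, family and OpaqueKey are hypothetical names, and the "XDH", "X25519" and "X448" algorithm names are the ones used by JDK 11 and later, which postdate this thread.

```java
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.interfaces.RSAKey;
import java.util.Locale;

public class KeyDispatch {
    // Hypothetical helper: classify a key by the algorithm name it reports,
    // not by which provider-specific interfaces its class implements.
    static String family(PublicKey key) {
        String alg = key.getAlgorithm();
        if (alg == null) throw new SecurityException("key reports no algorithm");
        switch (alg.toUpperCase(Locale.ROOT)) {
            case "RSA": return "RSA";
            case "EC":  return "EC";
            // RFC 7748 key names used by JDK 11 and later; they postdate this thread.
            case "XDH": case "X25519": case "X448": return "XDH";
            // Fail closed instead of assuming "it should be EC".
            default: throw new SecurityException("unsupported key algorithm: " + alg);
        }
    }

    // Constructed stand-in for a provider key that exposes only PublicKey.
    static final class OpaqueKey implements PublicKey {
        private final String alg;
        OpaqueKey(String alg) { this.alg = alg; }
        @Override public String getAlgorithm() { return alg; }
        @Override public String getFormat() { return null; }   // not exportable
        @Override public byte[] getEncoded() { return null; }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        PublicKey[] keys = {
            gen.generateKeyPair().getPublic(),  // default provider's RSA key
            new OpaqueKey("RSA"),               // RSA, but not an RSAKey
            new OpaqueKey("X25519"),            // neither RSA nor EC
        };
        for (PublicKey k : keys) {
            System.out.printf("%-8s instanceof RSAKey=%-5b family=%s%n",
                    k.getAlgorithm(), k instanceof RSAKey, family(k));
        }
        try {
            family(new OpaqueKey("EXAMPLE-ALG"));  // constructed, unsupported name
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

With the instanceof test from the quoted snippet, the second and third keys would both fall into the "It should be EC" branch; the name-based check classifies them correctly and rejects anything it does not recognize.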
