On Thu, 7 Nov 2024 16:47:47 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> Ben Perez has updated the pull request incrementally with two additional
>> commits since the last revision:
>>
>>  - default random for encaps, supported alg in SunJCE
>>  - copyright header
>
> src/java.base/share/classes/com/sun/crypto/provider/ML_KEM.java line 500:
>
>> 498:             byte[] kem_d, byte[] kem_z)
>> 499:             throws NoSuchAlgorithmException, DigestException {
>> 500:         var mlKemH = MessageDigest.getInstance("SHA3-256");
>
> Should this algorithm be pulled out into a constant? Keccak is new-ish, but
> it may not be this forever and/or the output size may change from 256.

Made both SHA3-256 and SHA3-512 constants named `HASH_H_NAME` and `HASH_G_NAME` respectively

> src/java.base/share/classes/com/sun/crypto/provider/ML_KEM_Provider.java line 129:
>
>> 127:     @Override
>> 128:     public byte[][] implEncapsulate(String name, byte[] encapsulationKey, Object ek, SecureRandom secureRandom) {
>> 129:         byte[] randomBytes = new byte[32];
>
> Constant for `32`?

This is now `SEED_LENGTH`

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/21478#discussion_r1833138156
PR Review Comment: https://git.openjdk.org/jdk/pull/21478#discussion_r1833137234