> The private key encoding formats of ML-KEM and ML-DSA are updated to match > the latest IERTF drafts at: > https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-06 > and > https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-07. > Most importantly, the seed used to generate a key pair is now stored in the > private key. > > Both the seed and the expanded format are stored inside a `NamedPKCS8Key` > now. When loading from a PKCS #8 key that contains the seed, both fields will > be filled. If the PKCS #8 encoding only contains the expanded key (which does > not conform to the current drafts but might have been created earlier), the > expanded key will be read and used in KEM and signature operations.
Weijun Wang has updated the pull request incrementally with one additional commit since the last revision: add more checks into a test ------------- Changes: - all: https://git.openjdk.org/jdk/pull/23376/files - new: https://git.openjdk.org/jdk/pull/23376/files/cab4fc16..4ce726b5 Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=23376&range=01 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=23376&range=00-01 Stats: 1220 lines in 2 files changed: 562 ins; 510 del; 148 mod Patch: https://git.openjdk.org/jdk/pull/23376.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/23376/head:pull/23376 PR: https://git.openjdk.org/jdk/pull/23376
