> The private key encoding formats of ML-KEM and ML-DSA are updated to match > the latest IERTF drafts at: > https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-06 > and > https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-07. > Most importantly, the seed used to generate a key pair is now stored in the > private key. > > Both the seed and the expanded format are stored inside a `NamedPKCS8Key` > now. When loading from a PKCS #8 key that contains the seed, both fields will > be filled. If the PKCS #8 encoding only contains the expanded key (which does > not conform to the current drafts but might have been created earlier), the > expanded key will be read and used in KEM and signature operations.
Weijun Wang has updated the pull request incrementally with one additional commit since the last revision: change name from "alt" to "transformed"; supporting jdk24 encoding ------------- Changes: - all: https://git.openjdk.org/jdk/pull/23376/files - new: https://git.openjdk.org/jdk/pull/23376/files/77deb7ce..d4e19614 Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=23376&range=05 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=23376&range=04-05 Stats: 419 lines in 14 files changed: 198 ins; 157 del; 64 mod Patch: https://git.openjdk.org/jdk/pull/23376.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/23376/head:pull/23376 PR: https://git.openjdk.org/jdk/pull/23376
