On Mon, 3 Mar 2025 15:57:49 GMT, Weijun Wang <wei...@openjdk.org> wrote:

>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
>   add mode_auth and mode_auth_psk, tiny spec change

Initially, I was unsure whether to support `mode_auth` and `mode_auth_psk` since our `KEM` API does not support authenticated encapsulation. However, after looking at HPKE implementations from other vendors -- such as OpenSSL, Go, and Rust -- I found that most of them support it. In the latest commit, I’ve added support by directly invoking newly added methods in the `DHKEM` private class.

Note that DHKEM is a higher-level cryptographic algorithm built on lower-level primitives like DH key agreement and HKDF. As a result, even though it is implemented only in the SunJCE provider, it can handle keys or IKM values from other providers by leveraging DH and HKDF from those providers.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/18411#issuecomment-2695918278