On Wed, 5 Mar 2025 20:20:10 GMT, Anthony Scarpino <[email protected]> wrote:
>> Hi,
>>
>> I need a review for the following change. Naming conventions for EdDSA and
>> XDH have inconsistencies between DisabledAlgorithms and KeyPairGenerator.
>> These internal changes help make it more consistent when parsing the actual
>> curve being used vs the broader algorithm name.
>>
>> thanks
>>
>> Tony
>
> Anthony Scarpino has updated the pull request incrementally with one
> additional commit since the last revision:
>
> rename getNamedCurveFromKey
test/jdk/sun/security/util/AlgorithmConstraints/DisabledAlgorithmPermits.java
line 86:
> 84: Arrays.asList(
> 85: new TestCase("EdDSA", false),
> 86: new TestCase("Ed25519", true),
Why should the above pass? If you disable `EdDSA` and you are still allowed
`Signature.getInstance("Ed25519")`? If this is because it will reject whatever
EdDSA key later? Why both check `CryptoPrimitive.SIGNATURE` at all?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23647#discussion_r1985568746
