On Thu, 30 Jan 2025 22:00:07 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> The private key encoding formats of ML-KEM and ML-DSA are updated to match > the latest IERTF drafts at: > https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-06 > and > https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-07. > Most importantly, the seed used to generate a key pair is now stored in the > private key. > > Both the seed and the expanded format are stored inside a `NamedPKCS8Key` > now. When loading from a PKCS #8 key that contains the seed, both fields will > be filled. If the PKCS #8 encoding only contains the expanded key (which does > not conform to the current drafts but might have been created earlier), the > expanded key will be read and used in KEM and signature operations. This pull request has been closed without being integrated. ------------- PR: https://git.openjdk.org/jdk/pull/23376
