On Wed, 14 Jan 2026 14:25:00 GMT, Weijun Wang <[email protected]> wrote:
>> The private key encoding formats of ML-KEM and ML-DSA are updated to match >> the latest IETF drafts at: >> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-11 >> and >> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-10. >> New security/system properties are introduced to determine which CHOICE a >> private key is encoded when a new key pair is generated or when >> `KeyFactory::translateKey` is called. >> >> By default, the choice is "seed". >> >> Both the encoding and the expanded format are stored inside a >> `NamedPKCS8Key` now. When loading from a PKCS #8 key, the expanded format is >> calculated from the input if it's seed only. > > Weijun Wang has updated the pull request with a new target base due to a > merge or a rebase. The pull request now contains 14 commits: > > - Merge branch 'master' into 8347938 > - one RFC; some java.security word changes > - fixed merge error > - merge > - merge > - Ben comment > - combine security properties description; remove one test > - Merge branch 'master' into 8347938 > - KeyChoices class > - allow expanded to be null > - ... and 4 more: https://git.openjdk.org/jdk/compare/20bd178b...dfbcaa09 test/jdk/sun/security/provider/named/NamedKeys.java line 26: > 24: /* > 25: * @test > 26: * @bug 8347938 8347941 Remove 8347941, it is a dup of 8347938. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/24969#discussion_r2721330629
