> The private key encoding formats of ML-KEM and ML-DSA are updated to match > the latest > [draft-ietf-lamps-kyber-certificates-11](https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-11) > and [RFC 9881](https://datatracker.ietf.org/doc/rfc9881/). New > security/system properties are introduced to determine which CHOICE a private > key is encoded when a new key pair is generated or when > `KeyFactory::translateKey` is called. > > By default, the choice is "seed". > > Both the encoding and the expanded format are stored inside a `NamedPKCS8Key` > now. When loading from a PKCS8 key, the expanded format is calculated from > the input if it's seed only.
Weijun Wang has updated the pull request incrementally with one additional commit since the last revision: address Sean's comments; more test cases ------------- Changes: - all: https://git.openjdk.org/jdk/pull/24969/files - new: https://git.openjdk.org/jdk/pull/24969/files/91894fc6..205eb344 Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=24969&range=12 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=24969&range=11-12 Stats: 67 lines in 4 files changed: 51 ins; 0 del; 16 mod Patch: https://git.openjdk.org/jdk/pull/24969.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/24969/head:pull/24969 PR: https://git.openjdk.org/jdk/pull/24969
