JDK-8213493 : X25519 private key PKCS#8 encoding/decoding is incorrect
  • Type: CSR
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Priority: P4
  • Status: Closed
  • Resolution: Approved
  • Fix Versions: 12
  • Submitted: 2018-11-07
  • Updated: 2018-11-14
  • Resolved: 2018-11-14
Related Reports
CSR :  
JDK-8213363 - X25519 private key PKCS#8 encoding/decoding is incorrect
Description
Summary
-------

Correct the PKCS8 encoded format for XDH private keys.

Problem
-------

In JDK 11, XDH (X25519/X448) private keys are encoded incorrectly. This encoding is produced by PrivateKey.getEncoded() and when an XDH private key is converted to a PKCS8EncodedKeySpec by the XDH KeyFactory. The implementation in JDK 11 also fails to decode correctly formatted keys.

Solution
--------

Modify the encoding/decoding routine so that it is correct. The incorrect encoding format from JDK 11 will no longer be supported.

Specification
-------------

No new specification. The encoding format is governed by RFC 8410.
Comments
Moving to Approved contingent on a release note item being created.
14-11-2018