Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8279384

Add ChaCha20 and Poly1305 support to SunPKCS11 provider

XMLWordPrintable

    • behavioral
    • minimal
    • Other
    • JDK

      Summary

      Update "PKCS#11 Reference Guide" with the support for ChaCha20-Poly1305 cipher and ChaCha20 key. The CSR is the same as the JDK 17 CSR (JDK-8265008), except for the following changes:

      • The Java Security Standard Algorithm Names specification is not being updated with the new SecretKeyFactory "ChaCha20" algorithm. This is acceptable, as implementations are allowed to support algorithms not defined in the Standard Names specification.

      Problem

      SunPKCS#11 provider is enhanced to support ChaCha20-Poly1305 cipher and ChaCha20 key. The "PKCS#11 Reference Guide" doc should be updated accordingly.

      Solution

      Update table 5-3 "Java Algorithms Supported by the SunPKCS11 Provider" of PKCS#11 Reference Guide.

      Specification

      1) Add the following rows to the Table 5-3 "Java Algorithms Supported by the SunPKCS11 Provider" of PKCS#11 Reference Guide. (Please see https://docs.oracle.com/en/java/javase/11/security/pkcs11-reference-guide1.html#GUID-D3EF9023-7DDC-435D-9186-D2FD05674777 for the relevant guide for jdk 11)

      Java Algorithm PKCS#11 Mechanisms
      Cipher.ChaCha20-Poly1305CKM_CHACHA20_POLY1305
      KeyGenerator.ChaCha20CKM_CHACHA20_KEY_GEN
      SecretKeyFactory.ChaCha20 CKM_CHACHA20_POLY1305

            pkoppula Prasadarao Koppula
            valeriep Valerie Peng
            Sean Mullan
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: