Add ChaCha20 and Poly1305 support to SunPKCS11 provider

XMLWordPrintable

    • behavioral
    • minimal
    • Other
    • JDK

      Summary

      Update "PKCS#11 Reference Guide" with the support for ChaCha20-Poly1305 cipher and ChaCha20 key. The CSR is the same as the JDK 17 CSR (JDK-8265008), except for the following changes:

      • The Java Security Standard Algorithm Names specification is not being updated with the new SecretKeyFactory "ChaCha20" algorithm. This is acceptable, as implementations are allowed to support algorithms not defined in the Standard Names specification.

      Problem

      SunPKCS#11 provider is enhanced to support ChaCha20-Poly1305 cipher and ChaCha20 key. The "PKCS#11 Reference Guide" doc should be updated accordingly.

      Solution

      Update table 5-3 "Java Algorithms Supported by the SunPKCS11 Provider" of PKCS#11 Reference Guide.

      Specification

      1. Add the following rows to the Table 5-3 "Java Algorithms Supported by the SunPKCS11 Provider" of PKCS#11 Reference Guide. (Please see https://docs.oracle.com/en/java/javase/11/security/pkcs11-reference-guide1.html#GUID-D3EF9023-7DDC-435D-9186-D2FD05674777 for the relevant guide for jdk 11)

      <table> <tr><th>Java Algorithm</th> <th>PKCS#11 Mechanisms</th></tr> <tr><td>Cipher.ChaCha20-Poly1305</td><td>CKM_CHACHA20_POLY1305</td></tr> <tr><td>KeyGenerator.ChaCha20</td><td>CKM_CHACHA20_KEY_GEN</td></tr> <tr><td>SecretKeyFactory.ChaCha20</td> <td>CKM_CHACHA20_POLY1305</td></tr> </table>

            Assignee:
            Prasadarao Koppula (Inactive)
            Reporter:
            Valerie Peng
            Sean Mullan
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: