-
CSR
-
Resolution: Approved
-
P3
-
None
-
source
-
low
-
-
Java API
-
SE
Summary
Introduce a new AsymmetricKey
interface as the parent of existing PublicKey
and PrivateKey
interfaces with a getParams
method inside.
Problem
Every existing algorithm-specific asymmetric key interface (Ex: RSAKey
and ECKey
) has a getParams()
method that returns the parameters for a key. An application usually calls the method in this way:
AlgorithmParameterSpec spec;
if (key instanceof RSAKey rsaKey) {
spec = rsaKey.getParams();
} else if (key instanceof ECKey ecKey) {
spec = ecKey.getParams();
} else if ....
} else {
throw new Exception("Unknown key type");
}
This approach has several problems:
The code is cumbersome, and the user would have to add a new else block whenever a new algorithm is introduced.
We have to create a new algorithm-specific key interface whenever a new algorithm is introduced. Normally, we can backport a new algorithm but we are not allowed to backport a new interface. Thus there is no way to retrieve the parameters in an old release.
Solution
Created a new interface that is the parent of the PublicKey
and PrivateKey
interfaces.
public interface AsymmetricKey extends Key {
default AlgorithmParameterSpec getParams() {
return null;
}
}
In the future, whenever a new algorithm is introduced its public key and private key objects automatically inherit this method.
For existing interfaces (e.g. ECKey
) that already has this method, add a default implementation into its child interface (e.g. ECPublicKey
and ECPrivateKey
) to resolve the conflict where the compiler cannot determine which implementation to choose.
Note that for the DSA algorithm, DSAKey::getParams
returns DSAParams
which is not a child of AlgorithmParameterSpec
. Redefine this type to extend AlgorithmParameterSpec
.
Specification
Created a new interface with a new method with a default implementation:
package java.security;
/**
* An asymmetric key, which can be either a public key or a private key.
* This interface contains methods that are common to either a public key or
* a private key.
*
* @since 22
*/
public interface AsymmetricKey extends Key {
/**
* Returns the parameters associated with this key.
* The parameters are optional and may be either
* explicitly specified or implicitly created during
* key pair generation.
*
* @implSpec
* The default implementation returns {@code null}.
*
* @return the associated parameters, may be {@code null}
*/
default AlgorithmParameterSpec getParams() {
return null;
}
}
Add a getParams
method to algorithm-specific child interfaces that return null as the default implementation, including DSAPrivateKey
, RSAPublicKey
, DHPrivateKey
, DHPublicKey
, RSAPrivateKey
, RSAPublicKey
, ECPrivateKey
, ECPublicKey
, EdEcPrivateKey
, EdEcPublicKey
, XECPrivateKey
, and XECPublicKey
. For an algorithm-specific interface whose getParams()
method already returns a child type, return the same type in its child classes. For example:
interface ECKey {
ECParameterSpec getParams();
}
interface ECPrivateKey extends ECKey, PrivateKey {
+ default ECParameterSpec getParams() {
+ return null;
+ }
}
interface ECPublicKey extends ECKey, PublicKey {
+ default ECParameterSpec getParams() {
+ return null;
+ }
}
Update the DSAParams
interface to be a child type of AlgorithmParameterSpec
.
-public interface DSAParams {
+public interface DSAParams extends AlgorithmParameterSpec {
- csr of
-
JDK-8318096 Introduce AsymmetricKey interface with a getParams method
-
- Resolved
-