- CSR
- Resolution: Approved
- P3
- None
- behavioral
- minimal
- KEM is new as of Java 21 and we are not aware of 3rd-party security providers for it yet. Also, existing 3rd-party security providers that provide JCE services have always been signed.
- Other
- JDK
Summary
Update the getInstance method for KEM to check if a 3rd-party security provider is signed.
Problem
Like other JCE service classes (Cipher, Mac, KeyAgreement, etc.), the KEM service is able to generate SecretKeys that can be used in encryption and decryption. As always, such services, when implemented in a 3rd-party security provider, require the provider to reside in a signed JAR file.
See the requirement in the Java SE Security Guide.
Solution
Update the KEM::getInstance methods to check whether the 3rd-party security provider is signed.
Precisely, if KEM.getInstance(alg) (without a provider argument) is called, the implementations in unsigned 3rd-party security providers will be ignored. If no signed 3rd-party security provider or JDK built-in provider provides this KEM algorithm, a NoSuchAlgorithmException will be thrown. If KEM.getInstance(alg, p) (with a Provider argument) is called and the provider is an unsigned 3rd-party security provider, a SecurityException will be thrown indicating that the provider cannot be authenticated by JCE. If KEM.getInstance(alg, "P") (with a String argument as the registered provider's name) is called and the provider is an unsigned 3rd-party security provider, a NoSuchProviderException will be thrown indicating that the provider cannot be authenticated by JCE.
This is consistent with most other existing JCE service classes.
OpenJDK source code does not require 3rd party JCE providers to be signed, but does support a framework (by extending internal APIs) for vendors to optionally add support for it, as Oracle JDK does.
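The three call forms described in this section can be exercised against the providers installed in a given runtime. The following is an added example, not code from the CSR or the JDK; the class name KemProviderAudit, the helper probe and the default algorithm name "DHKEM" are assumptions chosen for illustration.

```java
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.KEM;

// Added example (hypothetical class): for each registered provider that
// advertises a KEM algorithm, report the outcome of the provider-specific
// KEM.getInstance call forms, then the outcome of the provider-less form.
public class KemProviderAudit {

    // Returns a one-line report for provider p and algorithm alg.
    static String probe(String alg, Provider p) {
        String byObject;
        try {
            KEM.getInstance(alg, p);               // Provider argument
            byObject = "ok";
        } catch (SecurityException e) {            // provider not authenticated by JCE
            byObject = "SecurityException";
        } catch (NoSuchAlgorithmException e) {
            byObject = "NoSuchAlgorithmException";
        }
        String byName;
        try {
            KEM.getInstance(alg, p.getName());     // String argument
            byName = "ok";
        } catch (NoSuchProviderException e) {      // provider not authenticated by JCE
            byName = "NoSuchProviderException";
        } catch (NoSuchAlgorithmException e) {
            byName = "NoSuchAlgorithmException";
        }
        return p.getName() + ": getInstance(alg, p)=" + byObject
                + ", getInstance(alg, \"P\")=" + byName;
    }

    public static void main(String[] args) {
        String alg = args.length > 0 ? args[0] : "DHKEM";
        // Filter format is "<service>.<algorithm>"; null means no provider matches.
        Provider[] candidates = Security.getProviders("KEM." + alg);
        if (candidates != null) {
            for (Provider p : candidates) System.out.println(probe(alg, p));
        }
        try {
            KEM.getInstance(alg);                  // unsigned 3rd-party providers are skipped
            System.out.println("getInstance(alg)=ok");
        } catch (NoSuchAlgorithmException e) {
            System.out.println("getInstance(alg)=NoSuchAlgorithmException");
        }
    }
}
```

A provider that is listed by Security.getProviders but reports SecurityException or NoSuchProviderException here is registered yet rejected by the signing check; on a runtime that does not enforce signing, every row reports ok.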
Specification
The Java SE Security Guide will be updated to include KEM in the existing list of JCE service classes. See https://bugs.openjdk.org/browse/JDK-8322973 for detailed changes.
- csr of: JDK-8322971 KEM.getInstance() should check if a 3rd-party security provider is signed (Closed)