-
Type:
CSR
-
Resolution: Approved
-
Priority:
P3
-
Component/s: security-libs
-
None
-
behavioral
-
minimal
-
Other
-
SE
Summary
Update "PKCS#11 Reference Guide" with the support for ChaCha20-Poly1305 cipher and ChaCha20 key. Add ChaCha20 as standard SecretKeyFactory name in "Java Security Standard Algorithm Names" doc.
Problem
SunPKCS#11 provider is enhanced to support ChaCha20-Poly1305 cipher and ChaCha20 key. The "PKCS#11 Reference Guide" and "Java Security Standard Algorithm Names" docs should be updated accordingly.
Solution
Update table 5-3 "Java Algorithms Supported by the SunPKCS11 Provider" of PKCS#11 Reference Guide and "SecretKeyFactory Algorithms" section of Java Security Standard Algorithm Names.
Specification
- Add the following rows to the Table 5-3 "Java Algorithms Supported by the SunPKCS11 Provider" of PKCS#11 Reference Guide. (Please see https://docs.oracle.com/en/java/javase/16/security/pkcs11-reference-guide1.html#GUID-D3EF9023-7DDC-435D-9186-D2FD05674777 for the relevant guide for jdk 16)
<table> <tr><th>Java Algorithm</th> <th>PKCS#11 Mechanisms</th></tr> <tr><td>Cipher.ChaCha20-Poly1305</td><td>CKM_CHACHA20_POLY1305</td></tr> <tr><td>KeyGenerator.ChaCha20</td><td>CKM_CHACHA20_KEY_GEN</td></tr> <tr><td>SecretKeyFactory.ChaCha20</td> <td>CKM_CHACHA20_POLY1305</td></tr> </table>
- Add the following row to "
SecretKeyFactoryAlgorithms" section of Java Security Standard Algorithm Names.
<table> <tr><th>Algorithm Name</th> <th>Description</th></tr> <tr><td>ChaCha20</td><td>Constructs secret keys for use with the ChaCha20 and ChaCha20-Poly1305 algorithms.</td></tr> </table>
- csr of
-
JDK-8255410 Add ChaCha20 and Poly1305 support to SunPKCS11 provider
-
- Resolved
-