Re: [PR] Add brainpool curves for EC key generation/cypher (main branch) [santuario-xml-security-java]

via GitHub Tue, 19 Mar 2024 23:10:21 -0700


jrihtarsic commented on PR #293:
URL: 
https://github.com/apache/santuario-xml-security-java/pull/293#issuecomment-2008715237


   @yklymenko  good catch: Looks like  SunJCE returns  different OID for 
generated (and then encoded) keys with algorithm name  'DH' than the 
BouncyCastle:
   
   The result for test below is :
   
   Expected :1.2.840.113549.1.3.1
   Actual   :1.2.840.10046.2.1
      ```
   @Test
       void generateEphemeralDHKeyPairComparison() throws Exception {
           // gen DH key pair with SunJCE
           KeyPairGenerator kpgSunJCE = KeyPairGenerator.getInstance("DH");
           KeyPair keyPairSun = kpgSunJCE.generateKeyPair();
   
           // gen DH key pair with BC
           KeyPairGenerator kpgBC = KeyPairGenerator.getInstance("DH", new 
org.bouncycastle.jce.provider.BouncyCastleProvider());
           KeyPair keyPairBC = kpgBC.generateKeyPair();
   
           String keyOidSunJCE = 
DERDecoderUtils.getAlgorithmIdFromPublicKey(keyPairSun.getPublic());
           String keyOidBC = 
DERDecoderUtils.getAlgorithmIdFromPublicKey(keyPairBC.getPublic());
   
           Assertions.assertEquals(keyOidSunJCE, keyOidBC);
       }
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] Add brainpool curves for EC key generation/cypher (main branch) [santuario-xml-security-java]

Reply via email to