Hi All,
The JEP draft was just updated again.
The KEMParameterSpec argument is moved from getInstance() to newEncapsulator()
and newDecapsulator(). The reason is that when delayed provider selection
happens, a KEMSpi object is only created when newEncapsulator/newDecapsulator
is called. If the parameter is rejected then some kind of exception should be
thrown. It looks a little strange for newEncapsulator/newDecapsulator to throw
an InvalidAlgorithmParameterException since their only argument is a key. A
user might also question why the exception was not thrown when getInstance()
was called.
Furthermore, since the only bonus a KEMParameterSpec provides is a SecureRandom
and it's useless for a decapsulator, we decided to remove the KEMParameterSpec
class. User can now provide a SecureRandom and an AlgorithmParameterSpec
separately when creating an encapsulator, and only an AlgorithmParameterSpec
when creating a decapsulator.
public Encapsulator newEncapsulator(PublicKey pk, AlgorithmParameterSpec
spec, SecureRandom sr)
throws InvalidAlgorithmParameterException, InvalidKeyException;
public Decapsulator newDecapsulator(PrivateKey sk, AlgorithmParameterSpec
spec)
throws InvalidAlgorithmParameterException, InvalidKeyException;
Please take a look. The updated JEP is still at
https://openjdk.org/jeps/8301034.
Thanks,
Max
