On Mon, 24 Nov 2025 18:10:30 GMT, Weijun Wang <[email protected]> wrote:
>> Hai-May Chao has updated the pull request incrementally with three >> additional commits since the last revision: >> >> - Update names to uppercase >> - Remove fallback in engineGeneratePublic >> - Change default named group list to have only X25519MLKEM768 > > src/java.base/share/classes/sun/security/ssl/NamedGroup.java line 232: > >> 230: NamedGroupSpec.NAMED_GROUP_KEM, >> 231: ProtocolVersion.PROTOCOLS_OF_13, >> 232: null), > > I know the 3 named groups above are not used yet, but the `name` field will > be used in the constructor by `KeyFactory.getInstance(name)`. Since > "MLKEM1024" is not a standard algorithm name, the call would failed with a > NSAE. The `AlgorithmParameterSpec` for these 3 named groups registry are set to null. In the constructor, the `mediator` will be false for them so that `KeyFactory.getInstance(name)` will not be called to fail with a NSAE. Will do some translation when we support post-quantum ML-KEM. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/27614#discussion_r2584260461
