On Fri, 30 Jan 2026 15:55:17 GMT, Weijun Wang <[email protected]> wrote:
>> The private key encoding formats of ML-KEM and ML-DSA are updated to match >> the latest >> [draft-ietf-lamps-kyber-certificates-11](https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-11) >> and [RFC 9881](https://datatracker.ietf.org/doc/rfc9881/). New >> security/system properties are introduced to determine which CHOICE a >> private key is encoded when a new key pair is generated or when >> `KeyFactory::translateKey` is called. >> >> By default, the choice is "seed". >> >> Both the encoding and the expanded format are stored inside a >> `NamedPKCS8Key` now. When loading from a PKCS8 key, the expanded format is >> calculated from the input if it's seed only. > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > address Sean's comments; more test cases Marked as reviewed by mullan (Reviewer). ------------- PR Review: https://git.openjdk.org/jdk/pull/24969#pullrequestreview-3740356268
