8347938: Add Support for the Latest ML-KEM and ML-DSA Private Key Encodings

[wangweij]

The private key encoding formats of ML-KEM and ML-DSA are updated to match the latest IETF drafts at: https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-11 and https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-10. New security/system properties are introduced to determine which CHOICE a private key is encoded when a new key pair is generated or when KeyFactory::translateKey is called.

By default, the choice is "seed".

Both the encoding and the expanded format are stored inside a NamedPKCS8Key now. When loading from a PKCS #8 key, the expanded format is calculated from the input if it's seed only.

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue
• Change requires CSR request JDK-8349163 to be approved

Issues

• JDK-8347938: Add Support for the Latest ML-KEM and ML-DSA Private Key Encodings (Bug - P2)
• JDK-8349163: Add Support for the Latest ML-KEM and ML-DSA Private Key Encodings (CSR)

Reviewers

• Ben Perez (@blperez01 - Committer) 🔄 Re-review required (review applies to 281af2c0)
• Mark Powers (@mcpowers - Committer) 🔄 Re-review required (review applies to 281af2c0)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/24969/head:pull/24969
$ git checkout pull/24969

Update a local copy of the PR:
$ git checkout pull/24969
$ git pull https://git.openjdk.org/jdk.git pull/24969/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 24969

View PR using the GUI difftool:
$ git pr show -t 24969

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/24969.diff

Using Webrev

Link to Webrev Comment

[bridgekeeper]

👋 Welcome back weijun! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

❗ This change is not yet ready to be integrated.
See the Progress checklist in the description for automated requirements.

[wangweij]

/issue add JDK-8347941

[openjdk]

@wangweij The following labels will be automatically applied to this pull request:

• core-libs
• hotspot-runtime
• security

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing lists. If you would like to change these labels, use the /label pull request command.

[openjdk]

@wangweij
Adding additional issue to issue list: 8347941: Switch to latest ML-DSA private key encoding.

[mlbridge]

Webrevs

• 06: Full (fde6cd77)
• 05: Full - Incremental (281af2c0)
• 04: Full - Incremental (94a7a437)
• 03: Full (1d93be6f)
• 02: Full (eee45744)
• 01: Full - Incremental (1adbad42)
• 00: Full (67e9752a)

[wangweij]

/label remove core-libs
/label remove hotspot-runtime

[openjdk]

@wangweij
The core-libs label was successfully removed.

[openjdk]

@wangweij
The hotspot-runtime label was successfully removed.

[openjdk]

@wangweij this pull request can not be integrated into master due to one or more merge conflicts. To resolve these merge conflicts and update this pull request you can run the following commands in the local repository for your personal fork:

git checkout 8347938
git fetch https://git.openjdk.org/jdk.git master
git merge FETCH_HEAD
# resolve conflicts and follow the instructions given by git merge
git commit -m "Merge master"
git push

[bridgekeeper]

@wangweij This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply issue a /touch or /keepalive command to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!

[bridgekeeper]

@wangweij This pull request has been inactive for more than 8 weeks and will now be automatically closed. If you would like to continue working on this pull request in the future, feel free to reopen it! This can be done using the /open pull request command.

[wangweij]

/open

[openjdk]

@wangweij This pull request is now open

[overheadhunter]

If my understanding is correct, we have now up to three byte[] in the NamedPKCS8Key class:

• the encoded format
• the raw expanded format
• the raw seed

With getRawBytes() either returning the encoded or the expanded format, depending on whether the encoded format and the expanded key are the same.

getEncoded() on the other hand always wraps the raw key in its ASN.1 structure.

Shouldn't engineTranslateKey() rely on the latter, then?

[bridgekeeper]

@wangweij This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply issue a /touch or /keepalive command to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!

[wangweij]

/issue remove JDK-8347941

[openjdk]

@wangweij
Removing additional issue from issue list: 8347941.