Rework HPKE into JCA Provider model. #1174
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
prbprbprb
requested review from
davidben and
jorgesaldivar
and removed request for
jorgesaldivar
jorgesaldivar
approved these changes
Oct 24, 2023
Yqwed
approved these changes
Oct 24, 2023
| throw new NoSuchMethodException(sourceMethod + " return value (" + sourceReturnType | ||
| + ") incompatible with target return value (" + targetReturnType + ")"); | ||
| } | ||
| methods.put(sourceMethod.getName(), sourceMethod); |
Collaborator
There was a problem hiding this comment.
nit: I don't know how likely it is, but if a method from HpkeSpi is overloaded, this will be overridden. Should we check that put returns null?
Contributor
Author
There was a problem hiding this comment.
I think that's covered, as we do
Method sourceMethod =
sourceClass.getMethod(targetMethod.getName(), targetMethod.getParameterTypes());
and (as I found during refactorings :) that won't match unless the parameters match exactly.
I am a bit concerned about differing checked exceptions though....
Also, I'm going to move that getClass() outside the loop though seeing as there's another fix needs to go in
| private final HpkeSuite hpkeSuite; | ||
| private EVP_HPKE_CTX ctx; | ||
| private byte[] enc; | ||
| public class HpkeContextSender extends HpkeContext{ |
added 15 commits
October 24, 2023 17:19
Java 9+ makes poor decisions about which constructor to look for when passing in an arg. Workaround adds un-needed complexity to the Provider, so go back to no-arg for now and if we actually need to track the Provider we'll add a setter to the SPI.
Also rename `enc` params to `encapsulated` for clarity.
Adds API code to initialise all modes, although only base mode is still implemented.
Also somehow I forgot to update the test expectations for decrypt errors in the last commit. *sigh*
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Decouples API from implementation.
Client API finds implementation instances using JCA Provider model and uses them via astable SPI using only primitives and classes available since Android API level 19, possibly via duck typing reflection if they are in different packages.
Verified that this works end-to-end on Android where the API from a standalone Conscrypt library (
org.conscrypt) could find and use the implementation in the platform (com.android.org.conscrypt).Also re-aligns client API and thrown exceptions to more closely match other JCA services, e.g. Cipher