Open jasonkatonica opened 3 weeks ago
We need to make sure that is works with BouncyCastle as well. Since this is where these were tested originally.
Yes that makes sense we investigate that all providers oracle and bouncy castle match, and if not comment this well and decide which encodings we should use.
The test
BaseTestXDHKeyImport
once properly testing specific providers ( OpenJCEPlus and OpenJCEPlusFIPS ) does not match encodings by other providers.The code should be updated such that encodings created by the OpenJCEPlus and OpenJCEPlusFIPS provider create keys similar to the SunEC provider in each release. There are different formats of such keys explained in a comment here:
https://github.com/IBM/OpenJCEPlus/blob/3c44149386d98d4834da3409744443918d31239a/src/test/java/ibm/jceplus/junit/base/BaseTestXDHKeyImport.java#L159
Our code does not appear to match what Sun is doing and the test should enforce this by producing encodings with Sun and our provider and ensuring not only that they match the expected value but match each other in format.