RFC 5656 support (ECDSA and ECDH)

[Kenny Root <ke...@the-b.org>]

I just made a patch to MINA SSHD to support RFC 5656 (ECDSA and ECDH). I
would like to contribute this back to the code base, but I'm not sure of
the exact way in which it should be submitted.

Note that this patch has some requirements that should be noted:
1. The required classes such as ECParameterSpec is only available in Java
1.5 or newer.
2. Sun/Oracle's JRE didn't have support for EC on all platforms until Java
7 (I think Solaris was earlier)
3. OpenJDK doesn't have support built-in until Java 8

One mitigation for those JDK problems is that Bouncycastle has worked with
EC for many versions.

Re: RFC 5656 support (ECDSA and ECDH)

[Guillaume Nodet <gn...@apache.org>]

Thx for the patches.
I'll try to review them but this may only be at the beginning of january ...


2013/12/22 Emmanuel Lécharny <el...@gmail.com>

> Le 12/22/13 7:07 PM, Kenny Root a écrit :
> > On Sun, Dec 22, 2013 at 11:53 AM, Emmanuel Lécharny <elecharny@gmail.com
> >wrote:
> >
> >> Le 12/22/13 6:43 PM, Kenny Root a écrit :
> >>> I just made a patch to MINA SSHD to support RFC 5656 (ECDSA and ECDH).
> I
> >>> would like to contribute this back to the code base, but I'm not sure
> of
> >>> the exact way in which it should be submitted.
> >>>
> >>> Note that this patch has some requirements that should be noted:
> >>> 1. The required classes such as ECParameterSpec is only available in
> Java
> >>> 1.5 or newer.
> >> That's not an issue. We don't support 1.4 anymore.
> >>
> >>
> >> 2. Sun/Oracle's JRE didn't have support for EC on all platforms until
> Java
> >>> 7 (I think Solaris was earlier)
> >>> 3. OpenJDK doesn't have support built-in until Java 8
> >>>
> >>> One mitigation for those JDK problems is that Bouncycastle has worked
> >> with
> >>> EC for many versions.
> >> can we depend on ECParameterSpec class from BouncyCastle, and not depend
> >> on a JVM version ?
> >
> > BouncyCastle registers by default JCE support for all EC algorithms
> needed,
> > so this is reasonable.
> >
> > Any preference on reviewing this patch? I was going to fork on Github and
> > submit my patch to my fork so it could be commented on.
>
> The best would be to create a pull request, and attach it to a JIRA.
> JIRA will remain forever, when mails will be soon forgetten...
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
>

Re: RFC 5656 support (ECDSA and ECDH)

[Emmanuel Lécharny <el...@gmail.com>]

Le 12/22/13 7:07 PM, Kenny Root a écrit :
> On Sun, Dec 22, 2013 at 11:53 AM, Emmanuel Lécharny <el...@gmail.com>wrote:
>
>> Le 12/22/13 6:43 PM, Kenny Root a écrit :
>>> I just made a patch to MINA SSHD to support RFC 5656 (ECDSA and ECDH). I
>>> would like to contribute this back to the code base, but I'm not sure of
>>> the exact way in which it should be submitted.
>>>
>>> Note that this patch has some requirements that should be noted:
>>> 1. The required classes such as ECParameterSpec is only available in Java
>>> 1.5 or newer.
>> That's not an issue. We don't support 1.4 anymore.
>>
>>
>> 2. Sun/Oracle's JRE didn't have support for EC on all platforms until Java
>>> 7 (I think Solaris was earlier)
>>> 3. OpenJDK doesn't have support built-in until Java 8
>>>
>>> One mitigation for those JDK problems is that Bouncycastle has worked
>> with
>>> EC for many versions.
>> can we depend on ECParameterSpec class from BouncyCastle, and not depend
>> on a JVM version ?
>
> BouncyCastle registers by default JCE support for all EC algorithms needed,
> so this is reasonable.
>
> Any preference on reviewing this patch? I was going to fork on Github and
> submit my patch to my fork so it could be commented on.

The best would be to create a pull request, and attach it to a JIRA.
JIRA will remain forever, when mails will be soon forgetten...


-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com 

Re: RFC 5656 support (ECDSA and ECDH)

[Kenny Root <ke...@the-b.org>]

On Sun, Dec 22, 2013 at 11:53 AM, Emmanuel Lécharny <el...@gmail.com>wrote:

> Le 12/22/13 6:43 PM, Kenny Root a écrit :
> > I just made a patch to MINA SSHD to support RFC 5656 (ECDSA and ECDH). I
> > would like to contribute this back to the code base, but I'm not sure of
> > the exact way in which it should be submitted.
> >
> > Note that this patch has some requirements that should be noted:
> > 1. The required classes such as ECParameterSpec is only available in Java
> > 1.5 or newer.
>
> That's not an issue. We don't support 1.4 anymore.
>
>
> 2. Sun/Oracle's JRE didn't have support for EC on all platforms until Java
> > 7 (I think Solaris was earlier)
> > 3. OpenJDK doesn't have support built-in until Java 8
> >
> > One mitigation for those JDK problems is that Bouncycastle has worked
> with
> > EC for many versions.
>
> can we depend on ECParameterSpec class from BouncyCastle, and not depend
> on a JVM version ?


BouncyCastle registers by default JCE support for all EC algorithms needed,
so this is reasonable.

Any preference on reviewing this patch? I was going to fork on Github and
submit my patch to my fork so it could be commented on.

Re: RFC 5656 support (ECDSA and ECDH)

[Emmanuel Lécharny <el...@gmail.com>]

Le 12/22/13 6:43 PM, Kenny Root a écrit :
> I just made a patch to MINA SSHD to support RFC 5656 (ECDSA and ECDH). I
> would like to contribute this back to the code base, but I'm not sure of
> the exact way in which it should be submitted.
>
> Note that this patch has some requirements that should be noted:
> 1. The required classes such as ECParameterSpec is only available in Java
> 1.5 or newer.

That's not an issue. We don't support 1.4 anymore.

> 2. Sun/Oracle's JRE didn't have support for EC on all platforms until Java
> 7 (I think Solaris was earlier)
> 3. OpenJDK doesn't have support built-in until Java 8
>
> One mitigation for those JDK problems is that Bouncycastle has worked with
> EC for many versions.

can we depend on ECParameterSpec class from BouncyCastle, and not depend
on a JVM version ?


-- 
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com