RFR: 8328119: Support HKDF in SunPKCS11 (Preview) [v5]

Sean Mullan mullan at openjdk.org
Wed Dec 18 21:36:42 UTC 2024


On Wed, 18 Dec 2024 19:50:26 GMT, Martin Balao <mbalao at openjdk.org> wrote:

>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/SunPKCS11.java line 1092:
>> 
>>> 1090:                 m(CKM_HKDF_DERIVE, CKM_HKDF_DATA));
>>> 1091:         d(KDF, "HKDF-SHA512", P11KDF, m(CKM_SHA512_HMAC),
>>> 1092:                 m(CKM_HKDF_DERIVE, CKM_HKDF_DATA));
>> 
>> We only defined HKDF-SHA256 and later in the Java Security Standard Names doc.
>
> We included SHA1 because there could be a legacy use case to support and it's part of the test vectors for RFC 5869 (HMAC-based Extract-and-Expand Key Derivation Function (HKDF)). We don't recommend using it, and will probably filter it out once we have the Filter integrated, but would you be okay with keeping it?

Do you have any data on how many legacy use cases use it? I think for new mechanisms we should be forward looking and refrain from adding support for weak or not recommended algorithms unless there is a very good reason. It is often harder to remove something than to add it.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/22215#discussion_r1890863656

