Draft design for Key Derivation API
Jamil Nimeh
jamil.j.nimeh at oracle.com
Fri Nov 3 20:59:34 UTC 2017
Hello all,
This is a review request for the draft of a new Key Derivation API. The
goal of this API will be to provide a framework for KDF algorithms like
HKDF, TLS-PRF, PBKDF2 and so forth to be publicly accessible. We also
plan to provide an SPI that let 3rd parties create their own
implementations of KDFs in their providers, rather than trying to force
them into KeyGenerators, SecretKeyFactories and the like.
Rather than stuff this email full of the specification text (since it is
likely to get quite a few iterations of comments and
comments-to-comments), I have placed the API both in simple text form
and as a Javadoc at the following locations:
spec: http://cr.openjdk.java.net/~jnimeh/reviews/kdfspec/kdfspec.01.txt
javadoc: http://cr.openjdk.java.net/~jnimeh/reviews/kdfspec/javadoc.01/
They're both the same content, just use whichever is friendlier for your
eyes.
In addition, I have opened up the JEP as well:
https://bugs.openjdk.java.net/browse/JDK-8189808
Thanks to those who have contributed to very early internal drafts of
this so far, and thanks in advance to those who will be contributing
comments going forward.
--Jamil
More information about the security-dev
mailing list