KDF API review, round 2
Jamil Nimeh
jamil.j.nimeh at oracle.com
Wed Nov 15 16:43:48 UTC 2017
Hello all,
Thanks to everyone who has given input so far. I've updated the
KeyDerivation API with the comments I've received. The new
specification is here:
Text: http://cr.openjdk.java.net/~jnimeh/reviews/kdfspec/kdfspec.02.txt
Javadoc: http://cr.openjdk.java.net/~jnimeh/reviews/kdfspec/javadoc.02/
In terms of high level changes:
* Moved to a getInstance/init usage pattern similar to Mac,
KeyAgreement, Cipher, etc. This allows KDF objects to be reused
with different parameters by reinitializing.
* Name change: DerivedKeyParameterSpec --> DerivationParameterSpec
* Keys returned by derivation methods are now java.security.Key rather
than SecretKey
* Provided additional derivation methods to support non-key based
output: deriveData, deriveObject
* Added a new constructor to DerivationParameterSpec to support the
Object return type.
Thanks,
--Jamil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20171115/d9827806/attachment.htm>
More information about the security-dev
mailing list