RFR: 8274528: Add comment to explain an HKDF optimization in SSLSecretDerivation
Bradford Wetmore
wetmore at openjdk.java.net
Thu Sep 30 14:19:35 UTC 2021
On Thu, 30 Sep 2021 04:45:15 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:
>> See comment, + a couple minor cleanups.
>
> src/java.base/share/classes/sun/security/ssl/SSLSecretDerivation.java line 153:
>
>> 151: private final byte[] label;
>> 152:
>> 153: SecretSchedule(String label) {
>
> Why are we opening the visibility on this enum? As far as I can tell it is only ever referenced within the SSLSecretDerivation class and could remain private if it hasn't been causing any problems up to now.
>From the JLS §8.8.3: https://docs.oracle.com/javase/specs/jls/se7/html/jls-8.html#jls-8.8.3
`
If no access modifier is specified for the constructor of an enum type, the constructor is private.
'
It's kind of like adding 'public' to interfaces. They're not necessary.
Does that alleviate your concern?
-------------
PR: https://git.openjdk.java.net/jdk/pull/5765
More information about the security-dev
mailing list