RFR: 8274528: Add comment to explain an HKDF optimization in SSLSecretDerivation
Jamil Nimeh
jnimeh at openjdk.java.net
Thu Sep 30 14:24:34 UTC 2021
On Thu, 30 Sep 2021 14:15:59 GMT, Bradford Wetmore <wetmore at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLSecretDerivation.java line 153:
>>
>>> 151: private final byte[] label;
>>> 152:
>>> 153: SecretSchedule(String label) {
>>
>> Why are we opening the visibility on this enum? As far as I can tell it is only ever referenced within the SSLSecretDerivation class and could remain private if it hasn't been causing any problems up to now.
>
> From the JLS §8.8.3: https://docs.oracle.com/javase/specs/jls/se7/html/jls-8.html#jls-8.8.3
>
> `
> If no access modifier is specified for the constructor of an enum type, the constructor is private.
> '
>
> It's kind of like adding 'public' to interfaces. They're not necessary.
>
> Does that alleviate your concern?
Yes it does. I forgot that enums are private when there's no visibility explicitly stated. So given that the whole thing looks good to me.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5765
More information about the security-dev
mailing list