RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v10]
Weijun Wang
weijun at openjdk.org
Wed Aug 7 16:25:36 UTC 2024
On Wed, 7 Aug 2024 15:06:19 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java line 468:
>>
>>> 466: "com.sun.crypto.provider.HkdfKeyDerivation$HkdfSHA384");
>>> 467: ps("KDF", "HKDFWithHmacSHA512",
>>> 468: "com.sun.crypto.provider.HkdfKeyDerivation$HkdfSHA512");
>>
>> Have you considered names such as HKDFWithSHA256? The "Hmac" part is sort of implied by the HKDF (Hmac-based Key Derivation Function). This also better matches the names used in [RFC 8619](https://datatracker.ietf.org/doc/html/rfc8619 ) which defines OIDs for HKDF. Now that we are adding support for HKDF, maybe add these oids to KnownOIDs?
>
> +1. A similar naming convention is also used for TLS: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-kdf-ids
+1. Note that `KDF.java` mentions the naming convention "ALGwithPRF". What exactly is the PRF here? "SHA-256" or "HmacSHA256"? I had suggested to move that naming convention to `HKDFParameterSpec`. Maybe we should not mention it anywhere?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1707384906
More information about the security-dev
mailing list