RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v11]
Valerie Peng
valeriep at openjdk.org
Tue Aug 13 18:10:53 UTC 2024
On Fri, 2 Aug 2024 18:11:35 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 183:
>>
>>> 181: * if no additional parameters were provided
>>> 182: */
>>> 183: public KDFParameters getKDFParameters() {
>>
>> I still want to know if this method always returns null if only getInstance(alg) is called without params. Or, when there are default params, they will be returned.
>
> Will discuss "offline" with the other `KDFParameters` & DPS discussion.
This will imp[act the API, e.g. whether KDFSpi needs an `engineGetKDFParameters()` method. BTW, I find the name
"KDFParameters" very confusing as there is a parameter spec in the `deriveKey()` method named "kdfParameterSpec". The JCA convention uses `AlgorithmParameters` and `AlgorithmParameterSpec` interchangeably, the former is an opaque representation vs the later is a transparent form which algorithm specific values are readily retrievable.
Maybe name the parameters more specifically based on their purpose? Say, "configParams" for the ones used in `getInstance(...)`, "deriveParams" for the one in `deriveKey()`.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1715720356
More information about the security-dev
mailing list