RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v11]
Valerie Peng
valeriep at openjdk.org
Tue Aug 13 23:10:55 UTC 2024
On Tue, 13 Aug 2024 15:24:11 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are cryptographic algorithms for deriving additional keys from a secret key and other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another PR](https://github.com/openjdk/jdk/pull/18924).
>
> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>
> addressed several review comments, namely: - renaming the getParameters method - renaming the AlgorithmParameterSpec object - address some javadoc exception messages - add some information to KDF class private constructor javadocs - other general cleanup
src/java.base/share/classes/javax/crypto/KDFSpi.java line 129:
> 127: * derivation parameters
> 128: *
> 129: * @return a byte array corresponding to a key built from the
Can't we just state
> @return a byte array output by this KDF object using the derivation parameters.
No need to mention the "key built from ..." part. KDF output is bytes, we package it into key objects and not the other way around.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1716073504
More information about the security-dev
mailing list