RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v10]
Kevin Driver
kdriver at openjdk.org
Fri Aug 16 21:16:31 UTC 2024
On Wed, 14 Aug 2024 02:28:52 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java line 74:
>>
>>> 72: if (kdfParameters != null) {
>>> 73: throw new InvalidAlgorithmParameterException(
>>> 74: "RFC 5869 has no parameters for its KDF algorithms");
>>
>> I think the exception should just say something like: `hmacAlgName + " does not support parameters"`. The algorithm name isn't necessary here if it is displayed somewhere along the exception stack.
>> I don't think putting an RFC number is helpful.
>
> +1, clearer to just state "xxx does not use configuration parameters" or something similar where xxx is the HKDF algorithm name.
Addressed in https://github.com/openjdk/jdk/pull/20301/commits/c6f491cd05c76088e6431b2ba9d4ab42b29e4055. Please indicate if this is resolved.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1720350977
More information about the security-dev
mailing list