RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v11]
Kevin Driver
kdriver at openjdk.org
Wed Aug 28 20:44:10 UTC 2024
On Tue, 20 Aug 2024 23:37:03 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Addressed in https://github.com/openjdk/jdk/pull/20301/commits/c6f491cd05c76088e6431b2ba9d4ab42b29e4055. Please indicate if this is resolved.
>
> "{@code null} if no salt is to be used" seems incorrect as RFC 5869 states that "if not provided, a string of HashLen zeros is used". It is more precise to use "{@code null} if no salt value is provided" as stated in RFC 5869.
Resolved in https://github.com/openjdk/jdk/pull/20301/commits/a65dc9da044297c313e02d698255bad915dc0a10.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1735260106
More information about the security-dev
mailing list