RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v11]
Valerie Peng
valeriep at openjdk.org
Thu Aug 29 18:54:31 UTC 2024
On Wed, 21 Aug 2024 00:14:55 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Addressed in https://github.com/openjdk/jdk/pull/20301/commits/c6f491cd05c76088e6431b2ba9d4ab42b29e4055. Please indicate if this is resolved.
>
> Well, if a non-extractrable hardware key is passed to us, it'd lead to NPE with the new check. Instead of calling getEncoded() on it and access length directly, maybe relying on `CipherCore.getKeyBytes(prk)` which will throw InvalidKeyException?
Given that this comment is marked resolved(?), I am going to copy the above comment to the new version and start a new conversation so it's more visible.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1736928422
More information about the security-dev
mailing list