RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v15]
Kevin Driver
kdriver at openjdk.org
Thu Aug 29 20:06:07 UTC 2024
On Mon, 26 Aug 2024 17:56:54 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>>
>> code review comments and test renaming
>
> src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java line 175:
>
>> 173: (HKDFParameterSpec.Expand) derivationParameterSpec;
>> 174: // set this value in the "if"
>> 175: if ((pseudoRandomKey = anExpand.prk()) == null) {
>
> Will not happen. Throw an `AssertionError` instead.
Addressed in https://github.com/openjdk/jdk/pull/20301/commits/deadc28d6d81f5ecc056b38762f6cda49fd0cfe5. Please confirm.
> src/java.base/share/classes/javax/crypto/KDF.java line 518:
>
>> 516: * the object describing the inputs to the derivation function
>> 517: *
>> 518: * @return a byte array corresponding to the KDF output and according to
>
> I suggest `@return the derived key in its raw bytes`. This also implies my earlier suggestion on the relation between the output of the 2 derive methods.
Addressed in https://github.com/openjdk/jdk/pull/20301/commits/deadc28d6d81f5ecc056b38762f6cda49fd0cfe5. Please confirm.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1737092684
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1737092137
More information about the security-dev
mailing list