RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v15]
Kevin Driver
kdriver at openjdk.org
Fri Aug 30 16:37:57 UTC 2024
On Thu, 29 Aug 2024 17:50:28 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> src/java.base/share/classes/java/security/KDFParameters.java line 43:
>>
>>> 41: * <p>
>>> 42: * The {@code KDFParameters} used for initialization can be retrieved via
>>> 43: * {@link javax.crypto.KDF#getParameters()}.
>>
>> Since you add this line here right after the "initialized with" line, there should be some words about the difference between the user-provided params and actual params.
>
> I think the reference to `KDF#getParameters()` is meant to refer the reader to the information there, rather than repeating it again here. Thoughts?
Addressed in https://github.com/openjdk/jdk/pull/20301/commits/6b7a75da2ebb1cc9d95628018d756e2ce2162768. Please review and confirm if resolved.
>> src/java.base/share/classes/javax/crypto/KDF.java line 518:
>>
>>> 516: * the object describing the inputs to the derivation function
>>> 517: *
>>> 518: * @return a byte array corresponding to the KDF output and according to
>>
>> I suggest `@return the derived key in its raw bytes`. This also implies my earlier suggestion on the relation between the output of the 2 derive methods.
>
> Addressed in https://github.com/openjdk/jdk/pull/20301/commits/deadc28d6d81f5ecc056b38762f6cda49fd0cfe5. Please confirm.
KDFSpi also edited now. Addressed in https://github.com/openjdk/jdk/pull/20301/commits/6b7a75da2ebb1cc9d95628018d756e2ce2162768. Please review and confirm if resolved.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1739095549
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1739096843
More information about the security-dev
mailing list