RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v15]
Kevin Driver
kdriver at openjdk.org
Fri Aug 30 21:48:19 UTC 2024
On Mon, 26 Aug 2024 17:52:05 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>>
>> code review comments and test renaming
>
> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 157:
>
>> 155: * <p>
>> 156: * This supports the use-case where a label can be applied to the IKM
>> 157: * but the actual value of the IKM is not yet available.
>
> I feel the two paragraphs above are repeated too many times. Better describe them in the class spec.
Addressed in https://github.com/openjdk/jdk/pull/20301/commits/e4400b6edaf69d08726a63e2a705784c731648db. Please confirm if resolved.
> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 160:
>
>> 158: * <p>
>> 159: * An implementation should concatenate the input key materials into a
>> 160: * single value once all components are available.
>
> The above is a requirement for implementations and should be better to be moved to `ikms`. You can keep the line here with `would` instead of `should`.
Addressed in https://github.com/openjdk/jdk/pull/20301/commits/e4400b6edaf69d08726a63e2a705784c731648db. Please confirm if resolved.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1739436692
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1739436772
More information about the security-dev
mailing list