RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v6]
Kevin Driver
kdriver at openjdk.org
Thu Jul 25 15:44:18 UTC 2024
On Wed, 24 Jul 2024 21:06:56 GMT, Martin Balao <mbalao at openjdk.org> wrote:
>> Kevin Driver has refreshed the contents of this pull request, and previous commits have been removed. The incremental views will show differences compared to the previous content of the PR. The pull request contains one new commit since the last revision:
>>
>> change exception type
>
> src/java.base/share/classes/javax/crypto/KDF.java line 138:
>
>> 136: // the lock is not needed, because the Spi will already be set in
>> 137: // chooseProvider
>> 138: lock = null;
>
> I guess that by `chooseProvider` you mean `chooseFirstProvider`. However, I'm not sure how not having a lock would work in cases such as this one:
>
>
> KDF kdf = KDF.getInstance("HkdfSHA512", sunPKCS11);
> SecretKey derivedKey = kdf.deriveKey("AES", kdfParameterSpec);
>
>
> I'm getting a `NullPointerException` because `lock` is `null` in `KDF::deriveKey`.
@martinuy thanks for your comment!
I agree. Fix incoming.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1691686257
More information about the security-dev
mailing list