RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v6]
Kevin Driver
kdriver at openjdk.org
Thu Jul 25 15:44:18 UTC 2024
On Thu, 25 Jul 2024 15:39:46 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 138:
>>
>>> 136: // the lock is not needed, because the Spi will already be set in
>>> 137: // chooseProvider
>>> 138: lock = null;
>>
>> I guess that by `chooseProvider` you mean `chooseFirstProvider`. However, I'm not sure how not having a lock would work in cases such as this one:
>>
>>
>> KDF kdf = KDF.getInstance("HkdfSHA512", sunPKCS11);
>> SecretKey derivedKey = kdf.deriveKey("AES", kdfParameterSpec);
>>
>>
>> I'm getting a `NullPointerException` because `lock` is `null` in `KDF::deriveKey`.
>
> @martinuy thanks for your comment!
>
> I agree. Fix incoming.
See: https://github.com/openjdk/jdk/pull/20301/commits/efa5246d2d07269fcb65b00f703c94ccab7f3f32
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1691689092
More information about the security-dev
mailing list