RFR: 8331008: KDF Implementation [v6]
Sean Mullan
mullan at openjdk.org
Fri May 10 16:04:11 UTC 2024
On Fri, 10 May 2024 14:56:55 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are cryptographic algorithms for deriving additional keys from a secret key and other data. See [JEP 478](https://openjdk.org/jeps/478).
>
> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>
> change algorithm standard name for HKDFs in SunJCE provider
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 265:
> 263:
> 264: /**
> 265: * Gets the unmodifiable {@code List} of IKM values
I prefer the word "Returns" instead of "Gets" - same comment on other methods.
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 299:
> 297: *
> 298: * @param prk
> 299: * the PRK; may be {@code null}
Why would the PRK ever be null?
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 316:
> 314:
> 315: /**
> 316: * gets the PRK
Suggest rewording as: "Returns the pseudorandom key."
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 318:
> 316: * gets the PRK
> 317: *
> 318: * @return the PRK value
Change to: "the pseudorandom key"
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 325:
> 323:
> 324: /**
> 325: * gets the info
Suggest rewording as: "Returns the optional context and application specific information."
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 327:
> 325: * gets the info
> 326: *
> 327: * @return the info value
Suggest rewording as: "the optional context and application specific information"
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 334:
> 332:
> 333: /**
> 334: * gets the length
Suggest rewording as: "Returns the length of output keying material."
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 374:
> 372: }
> 373: if (length < 1) {
> 374: throw new IllegalArgumentException("length must be >= 1");
This needs to be in an @throws clause of the `extractExpand` method.
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 380:
> 378:
> 379: /**
> 380: * Gets the {@code List} of IKM values
See prior comment on wording.
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 398:
> 396:
> 397: /**
> 398: * Gets the info
See prior comment on wording.
src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 407:
> 405:
> 406: /**
> 407: * Gets the length
See prior comment on wording.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596919408
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596923194
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596921963
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596922370
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596930277
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596930692
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596932280
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596933671
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596934548
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596934176
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1596934333
More information about the security-dev
mailing list