RFR: 8331008: KDF Implementation [v10]
Kevin Driver
kdriver at openjdk.org
Fri May 10 17:06:59 UTC 2024
On Thu, 9 May 2024 14:10:37 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>>
>> code review comment
>
> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 36:
>
>> 34: * Parameters for the combined Extract-Only, Expand-Only, or Extract-then-Expand operations of the
>> 35: * HMAC-based Key Derivation Function (HKDF). The HKDF function is defined in <a
>> 36: * href="http://tools.ietf.org/html/rfc5869">RFC 5869</a>.
>
> Please give as many examples as you can here. This is the only public API for HKDF. Show people how to construct `HKDFParameterSpec` for all 3 operations.
>
> Describe the accumulation feature of `addIKM` and `addSalt` here, and point out why this is necessary (for labeled unextractable key). Then there is no need to mention this in all 4 `add` methods.
Done.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1597002322
More information about the security-dev
mailing list