RFR: 8331008: KDF Implementation (Preview) [v28]
Sean Mullan
mullan at openjdk.org
Mon May 13 15:12:20 UTC 2024
On Mon, 13 May 2024 13:55:48 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 50:
>>
>>> 48: * {@code KDF} objects are instantiated through the {@code getInstance} family
>>> 49: * of methods. Key derivation algorithm names follow a naming convention of
>>> 50: * <I>Algorithm</I>with<I>PRF</I>. The algorithm field is the KDF algorithm
>>
>> Do you mean "With" rather than "with" here?
>
> In fact, is it true that all KDF algorithms look like "MechWithPRF"? There are quite some KDF algorithms simply named "kdf1", "kdf2", and "kdf3" (although these are legacy). If this naming convention is mainly for HKDF, I recommend moving it into `HKDFParameterSpec`. Maybe in an `@implNote` there, tell the implementor that only 3 algorithms are standardized now.
Or just leave this out entirely. With maybe the exception of `Cipher` API, we don't usually discuss the algorithm name syntax in the javadocs - that is best left to the Standard Algorithm Names specification.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1598641623
More information about the security-dev
mailing list