RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v34]
Weijun Wang
weijun at openjdk.org
Tue May 14 00:16:08 UTC 2024
On Mon, 13 May 2024 23:08:41 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java line 81:
>>
>>> 79: * if the initialization parameters are inappropriate for this {@code KDFSpi}
>>> 80: */
>>> 81: protected HkdfKeyDerivation(AlgorithmParameterSpec algParameterSpec)
>>
>> I suggest throwing an exception if params is not null.
>
> What would we say in the javadoc? We throw `null` temporarily, since there are no known algorithms that support parameters? We may not want to issue a change/fix if this becomes no longer the case (ie- some provider besides us offers one).
This is inside the HKDF impl, and we know params is not required. The params is provided through `getInstance(alg, params)`. Just throw `InvalidAlgorithmParameterException` as specified there.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1599230098
More information about the security-dev
mailing list