RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v28]
Sean Mullan
mullan at openjdk.org
Tue May 14 19:54:11 UTC 2024
On Mon, 13 May 2024 20:56:45 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/KDFSpi.java line 41:
>>
>>> 39: * All the abstract methods in this class must be implemented by each
>>> 40: * cryptographic service provider who wishes to supply the implementation of a
>>> 41: * particular key derivation algorithm.
>>
>> As a general point here, this doesn't link to anything that explains what any of this means. If I implement KDFSpi then what do I do with it? It's not referenced by anything else in the API.
>
> +1. Especially, describe what constructor an implementation should provide, it should be public, it should have an argument, it should throw some exceptions in some cases.
Suggest also adding this sentence:
"A `KDFSpi` implementation must be immutable. It must be safe to call multiple `engineDeriveKey` and `engineDeriveData` methods at the same time."
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18924#discussion_r1600568996
More information about the security-dev
mailing list