RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v56]
Kevin Driver
kdriver at openjdk.org
Mon Oct 14 23:01:17 UTC 2024
On Mon, 14 Oct 2024 22:28:41 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>>
>> enable debug flag for exhaustive test @run
>
> test/jdk/com/sun/crypto/provider/KDF/HKDFExhaustiveTest.java line 26:
>
>> 24: /*
>> 25: * @test
>> 26: * @bug 8190951
>
> Changing it to 8331008?
Addressed in: https://github.com/openjdk/jdk/pull/20301/commits/224c0d20e3c5b5478d5e5baf6325fb32ce242f08
> test/jdk/com/sun/crypto/provider/KDF/HKDFKnownAnswerTests.java line 65:
>
>> 63: // Non-mandatory fields - may be null
>> 64: salt = (saltStr != null) ? HexFormat.of().parseHex(saltStr) : null;
>> 65: info = (infoStr != null) ? HexFormat.of().parseHex(infoStr) : null;
>
> Instead of `null`, you should use new byte[0] for the default value when the corresponding string value is `null`. Because the `addSalt()` is always invoked regardless of the salt value.
Addressed in: https://github.com/openjdk/jdk/pull/20301/commits/224c0d20e3c5b5478d5e5baf6325fb32ce242f08
> test/jdk/com/sun/crypto/provider/KDF/HKDFKnownAnswerTests.java line 93:
>
>> 91: "202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f"
>> 92: +
>> 93: "404142434445464748494a4b4c4d4e4f",
>
> The convention is to put the "+" at the end of line for compactness. You may have to put less characters each line in order to keep the line <= 80 chars.
>
> Or, another alternative is to reduce the indentation, e.g.
>
>> add(new TestData("RFC 5869 Test Case 2", "HKDF-SHA256",
>> "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" +
>> "202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f" +
>> "404142434445464748494a4b4c4d4e4f",
>> "606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f" +
>> "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f" +
>> "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf",
>> "b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecf" +
>> "d0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeef" +
>> "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
>> 82,
>> "06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244",
>> "b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c" +
>> "59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71" +
>> "cc30c58179ec3e87c14c01d5c1f3434f1d87"));
>>
Addressed in: https://github.com/openjdk/jdk/pull/20301/commits/224c0d20e3c5b5478d5e5baf6325fb32ce242f08
> test/jdk/com/sun/crypto/provider/KDF/HKDFKnownAnswerTests.java line 113:
>
>> 111: add(new TestData("RFC 5869 Test Case 3", "HKDF-SHA256",
>> 112: "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
>> 113: new String(new byte[0]), new String(new byte[0]), 42,
>
> Instead of `new String(new byte[0])`, you should be able to just use `null` for optional arguments?
Addressed in: https://github.com/openjdk/jdk/pull/20301/commits/224c0d20e3c5b5478d5e5baf6325fb32ce242f08
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1800209946
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1800210031
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1800209971
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1800210008
More information about the security-dev
mailing list