RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v63]

Kevin Driver kdriver at openjdk.org
Mon Oct 28 18:55:46 UTC 2024 

On Mon, 28 Oct 2024 16:31:33 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   remove unused method
>
> src/java.base/share/classes/javax/crypto/KDF.java line 224:
> 
>> 222:      * @throws NullPointerException
>> 223:      *         if {@code algorithm} is {@code null}
>> 224:      * @implNote The JDK Reference Implementation additionally uses the
> 
> I still recommend moving this `@implNote` right after the spec body text and before the 1st `@param`. Same with other `getInstance` methods and `engineDeriveKey` in `KDFSpi`.

Addressed in: https://github.com/openjdk/jdk/pull/20301/commits/54d806943671842ae54ee723a4e86cd965b888ae

> src/java.base/share/classes/javax/crypto/KDFSpi.java line 40:
> 
>> 38:  * All the abstract methods in this class must be implemented by each
>> 39:  * cryptographic service provider who wishes to supply the implementation of a
>> 40:  * particular key derivation algorithm.
> 
> Shall we say `key derivation function algorithm`?

Address in: https://github.com/openjdk/jdk/pull/20301/commits/54d806943671842ae54ee723a4e86cd965b888ae

> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 123:
> 
>> 121:          *         than 0)
>> 122:          *
>> 123:          * @return an {@code ExtractThenExpand} object
> 
> In `extractOnly`, you have `@return an immutable...`. Do you want to add the "immutable" word here also?

Addressed in: https://github.com/openjdk/jdk/pull/20301/commits/54d806943671842ae54ee723a4e86cd965b888ae

> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 336:
> 
>> 334:          * @return the unmodifiable {@code List} of salt values
>> 335:          *
>> 336:          * @implNote An HKDF implementation should concatenate the salt
> 
> Should this be `salt` or `salts`?

Addressed in: https://github.com/openjdk/jdk/pull/20301/commits/54d806943671842ae54ee723a4e86cd965b888ae

> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 477:
> 
>> 475:          * @return the unmodifiable {@code List} of salt values
>> 476:          *
>> 477:          * @implNote An HKDF implementation should concatenate the salt
> 
> Same comments. Shall we use `salt` or `salts`?

Addressed in: https://github.com/openjdk/jdk/pull/20301/commits/54d806943671842ae54ee723a4e86cd965b888ae

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1819585483
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1819585246
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1819586314
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1819585980
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1819585648

More information about the security-dev mailing list