RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v11]
Valerie Peng
valeriep at openjdk.org
Tue Sep 3 20:15:37 UTC 2024
On Fri, 30 Aug 2024 23:22:15 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java line 227:
>>
>>> 225: == null) ? null : salt.getEncoded());
>>> 226: pseudoRandomKey = new SecretKeySpec(extractResult, "RAW");
>>> 227: return Arrays.copyOf(hkdfExpand(pseudoRandomKey, info, length),
>>
>> In the case of `length` is an exact multiples of hmac out length, we can return the output directly w/o the `Arrays.copyOf(...)` call, right?
>
> See: https://github.com/openjdk/jdk/pull/20301/commits/25c17b26231b2b63bab9193fe29c7c258f96a31f
It looks like `Arrays.copyOf()` is still called unconditionally?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1742631973
More information about the security-dev
mailing list