RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v22]
Kevin Driver
kdriver at openjdk.org
Thu Sep 5 22:41:22 UTC 2024
On Thu, 5 Sep 2024 15:15:31 GMT, Viktor Klang <vklang at openjdk.org> wrote:
>> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>>
>> change impl class to use byte arrays rather than SecretKey objects where possible
>
> src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java line 354:
>
>> 352: // sized the buffers to their largest possible size up-front,
>> 353: // but just in case...
>> 354: throw new RuntimeException(sbe);
>
> If this is truly something which should not be possible, it might be better to throw an InternalError.
I now throw a `ProviderException`, which is our usual approach in this case. See: https://github.com/openjdk/jdk/pull/20301/commits/59b1743fd225ff34e6bcce055fd47a887ed22a08.
> src/java.base/share/classes/javax/crypto/KDF.java line 354:
>
>> 352: continue;
>> 353: }
>> 354: if (t.hasNext()) {
>
> Looks like you can eliminate the `continue;` if you go with if-elses all the way.
>
> Suggestion:
>
> } else if (t.hasNext()) {
Addressed in https://github.com/openjdk/jdk/pull/20301/commits/59b1743fd225ff34e6bcce055fd47a887ed22a08.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1746243904
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1746241158
More information about the security-dev
mailing list