RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v27]

Kevin Driver kdriver at openjdk.org
Wed Sep 11 22:53:07 UTC 2024 

On Sun, 8 Sep 2024 16:36:03 GMT, Alan Bateman <alanb at openjdk.org> wrote:

>> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   updated comments around locking mechanism
>
> src/java.base/share/classes/javax/crypto/KDF.java line 53:
> 
>> 51:  * <p>
>> 52:  * The class has two derive methods, {@code deriveKey} and {@code deriveData}.
>> 53:  * The {@code deriveKey} method accepts an algorithm {@code String} and
> 
> It might be clearer to say an algorithm name, or  algorithm name as a String.

@AlanBateman: Resolved in https://github.com/openjdk/jdk/pull/20301/commits/82791ac01fb7f597a7e814403261c7a50e8a08df.

> src/java.base/share/classes/javax/crypto/KDF.java line 96:
> 
>> 94:  * deriveData methods. Therefore, it is recommended not to call the {@code
>> 95:  * getProviderName} or {@code getParameters} methods until after a key
>> 96:  * derivation operation. Once a provider is selected, it cannot be changed.
> 
> If I read this correctly, the first part of this paragraph is repeating the previous paragraph but with different wording, maybe the previous paragraph is left over from a previous iteration?

@AlanBateman: Resolved in https://github.com/openjdk/jdk/pull/20301/commits/82791ac01fb7f597a7e814403261c7a50e8a08df.

> src/java.base/share/classes/javax/crypto/KDF.java line 413:
> 
>> 411:      * @throws InvalidAlgorithmParameterException
>> 412:      *     if no {@code Provider} supports a {@code KDFSpi} implementation for
>> 413:      *     the specified algorithm and parameters
> 
> Can you double check the description of InvalidAlgorithmParameterException? This factory method has a provider parameter so I assume it's that _the_ provider doesn't support the ...

@AlanBateman, @seanjmullan: Resolved in https://github.com/openjdk/jdk/pull/20301/commits/82791ac01fb7f597a7e814403261c7a50e8a08df.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1755773443
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1755774839
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1755775217

More information about the security-dev mailing list