RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v36]
Weijun Wang
weijun at openjdk.org
Mon Sep 16 17:31:33 UTC 2024
On Mon, 16 Sep 2024 16:36:24 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 194:
>>
>>> 192: * otherwise {@code null} is returned.
>>> 193: *
>>> 194: * @see <a href="#DelayedProviderSelection">Delayed Provider Selection</a>
>>
>> Why `@see DPS`? The paragraph above has nothing to do with it.
>>
>> If you meant the warning not to call it too early (which I think is not necessary), why not add the same to the `getProviderName` method?
>
> `@see DPS` is also present in the header/javadoc for `getProviderName` currently. I don't think I understand that part of your comment.
>
> The intent is to refer the reader to the *entire* DPS selection of the class specification when calling a method which is affected by DPS.
Oh, sorry, I don't why I didn't see the `@see` in `getProviderName`.
If you need to refer to the reader to this information, please add it to `deriveData` and `deriveKey` as well.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1761568718
More information about the security-dev
mailing list