RFR: 8331008: Implement JEP 478: Key Derivation Function API (Preview) [v36]
Weijun Wang
weijun at openjdk.org
Mon Sep 16 22:35:31 UTC 2024
On Mon, 16 Sep 2024 19:02:18 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/KDFSpi.java line 95:
>>
>>> 93: * If the required parameters were not supplied and can be generated by
>>> 94: * the {@code KDF} object, the generated parameters are returned;
>>> 95: * otherwise {@code null} is returned.
>>
>> According to the class spec, when you say parameters are _required_ the caller must provide a non-null value. The sentence above contradicts with this.
>
> This newer wording more clearly reflects the original intent of this passage: https://github.com/openjdk/jdk/pull/20301/commits/ea5ba798819568ca86d639ba6c7a9489d4e66c95.
Your previous sentence contains a very important information that even if no parameters were provided this method might still return one. Now it's only "certain fields of the parameters". This is not as strong as the previous one.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1762040398
More information about the security-dev
mailing list