RFR: 8325448: Hybrid Public Key Encryption [v3]
Kevin Driver
kdriver at openjdk.org
Fri Feb 28 16:14:06 UTC 2025
On Thu, 27 Feb 2025 03:22:18 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
>>
>> 
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> example and KAT
src/java.base/share/classes/com/sun/crypto/provider/DHKEM.java line 323:
> 321: }
> 322: byte[] bytes = kdf.deriveData(extract.thenExpand(labeledInfo(
> 323: suiteId, CANDIDATE, I2OSP(counter, 1), Nsk), Nsk));
I'm not through every class yet, but is more input validation needed on `Nsk`, which ultimately becomes the length in the `HKDFParameterSpec`? Later in this class I see that it is checked to not exceed `65536`, but an `IllegalArgumentException` may be thrown here if the value is < 0. I see that you're throwing `Exception` from this method, but I thought I'd mention it since you are doing `HKDFParameterSpec` initialization in-line with the `deriveData` call.
src/java.base/share/classes/com/sun/crypto/provider/DHKEM.java line 406:
> 404: }
> 405:
> 406: public static byte[] I2OSP(int n, int w) {
A comment (non-javadoc) might be beneficial to explain why this method is doing what it is doing.
src/java.base/share/classes/com/sun/crypto/provider/HPKE.java line 32:
> 30:
> 31: import javax.crypto.*;
> 32: import javax.crypto.spec.*;
It may be beneficial (however minimally) to avoid the use of wildcard imports.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r1975659308
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r1975663441
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r1975666647
More information about the security-dev
mailing list