RFR: 8328119: Support HKDF in SunPKCS11 (Preview) [v8]
Martin Balao
mbalao at openjdk.org
Tue Jan 7 16:54:39 UTC 2025
On Mon, 6 Jan 2025 22:20:23 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Check disabled PKCS #11 mechanisms when concatenating keys and data.
>>
>> Co-authored-by: Martin Balao Alonso <mbalao at redhat.com>
>> Co-authored-by: Francisco Ferrari Bihurriet <fferrari at redhat.com>
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KDF.java line 78:
>
>> 76: this.hmacMechanism = hmacMechanism;
>> 77: this.svcKi = P11SecretKeyFactory.getHKDFKeyInfo(algorithm);
>> 78: assert this.svcKi != null : "Only HKDF algorithms supported.";
>
> The error message is a bit strange, do u mean `"Unsupported HKDF algorithm " + algorithm`?
Yes, either way works for me. I'll replace it.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22215#discussion_r1905776360
More information about the security-dev
mailing list