RFR: 8328119: Support HKDF in SunPKCS11 (Preview) [v8]
Martin Balao
mbalao at openjdk.org
Tue Jan 7 19:52:42 UTC 2025
On Sat, 4 Jan 2025 01:18:01 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Check disabled PKCS #11 mechanisms when concatenating keys and data.
>>
>> Co-authored-by: Martin Balao Alonso <mbalao at redhat.com>
>> Co-authored-by: Francisco Ferrari Bihurriet <fferrari at redhat.com>
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KDF.java line 45:
>
>> 43: private final Token token;
>> 44: private final P11SecretKeyFactory.HKDFKeyInfo svcKi;
>> 45: private final long hmacMechanism;
>
> `svcki` and `hmacMechanism` are HKDF specific, so maybe this class should be named `P11HKDF` instead?
Our original intention was to keep it more open but it's true that in the end it's HKDF-specific. I'll rename it.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22215#discussion_r1905965613
More information about the security-dev
mailing list