RFR: 8347289: HKDF delayed provider selection failed with non-extractable PRK
Kevin Driver
kdriver at openjdk.org
Wed Jan 8 19:24:26 UTC 2025
On Wed, 8 Jan 2025 18:43:30 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> A non-extractable PRK in HKDF Expand-Only is an invalid input, not an internal error.
src/java.base/share/classes/com/sun/crypto/provider/HKDFKeyDerivation.java line 183:
> 181: // set this value in the "if"
> 182: if ((pseudoRandomKey = anExpand.prk().getEncoded()) == null) {
> 183: throw new InvalidAlgorithmParameterException(
My only question here is whether the `Expand` could be created without a PRK for any other reason besides it being non-extractable. If we think so (even if it's just user-error), then perhaps the wording of the message for the IAPE should be revised from the currently proposed text.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22976#discussion_r1907691518