RFR: 8347289: HKDF delayed provider selection failed with non-extractable PRK

Weijun Wang weijun at openjdk.org
Wed Jan 8 19:57:41 UTC 2025


On Wed, 8 Jan 2025 19:42:47 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> src/java.base/share/classes/com/sun/crypto/provider/HKDFKeyDerivation.java line 183:
>> 
>>> 181:             // set this value in the "if"
>>> 182:             if ((pseudoRandomKey = anExpand.prk().getEncoded()) == null) {
>>> 183:                 throw new InvalidAlgorithmParameterException(
>> 
>> My only question here is whether the `Expand` could be created without a PRK for any other reason besides it being non-extractable. If we think so (even if it's just user-error), then perhaps the wording of the message for the IAPE should be revised from the currently proposed text.
>
> In the creation of the `Expand` object, we've already guaranteed that the PRK in the object must be non-null. The only problem here is its encoding.

I don't want to explicitly mention the null encoding so the wording is a little vague. What do you suggest?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/22976#discussion_r1907739046

