RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v7]
Bradford Wetmore
wetmore at openjdk.org
Sat May 10 02:30:04 UTC 2025
On Thu, 8 May 2025 18:44:27 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/DHKEM.java line 409:
>>
>>> 407: HKDFParameterSpec spec =
>>> 408: HKDFParameterSpec.ofExtract().addIKM(s).extractOnly();
>>> 409: return hkdf.deriveKey("Generic", spec);
>>
>> I haven't done much with DHKEM yet, but should the returned key have algorithm name of "Generic," or something more descriptive like the previous "HKDF-PRK"?
>
> Me neither. However, given `HKDF-PRK` is not a standard algorithm and also not recognized by the `SunPKCS11` provider, I changed it to `Generic`. Existing `HKDF` impl in the `SunPKCS11` provider is quite strict about the derived key algorithms and it will error out unless we add `HKDF-PRK` to be a recognized key algorithm for key derivation. Given these reasons, it seems `Generic` is the better choice here.
Is any specific salt needed here like in TLS?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24393#discussion_r2082761301
More information about the security-dev
mailing list