RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v8]
Valerie Peng
valeriep at openjdk.org
Mon May 12 22:31:54 UTC 2025
On Mon, 12 May 2025 19:33:09 GMT, Kevin Driver <kdriver at openjdk.org> wrote:
>> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Address review feedbacks from Brad.
>
> src/java.base/share/classes/sun/security/ssl/KAKeyDerivation.java line 128:
>
>> 126:
>> 127: // derive handshake secret
>> 128: // NOTE: do not reuse the HKDF object for "TlsEarlySecret" for
>
> Nit: There is no longer an "HKDF object". Might be worth updating this comment.
It actually means the "KDF object w/ HKDF algorithm", I can see how that may look confusing. I will change it to "KDF object".
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24393#discussion_r2085622605
More information about the security-dev
mailing list