On Thu, 12 Dec 2024 04:14:22 GMT, Martin Balao <mba...@openjdk.org> wrote:
>> We would like to propose an implementation of the HKDF algorithms for >> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key >> Derivation Function API >> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)). >> >> This implementation will be under the _Preview_ umbrella until the KDF API >> becomes stable in a future JDK release. The benefit of this early proposal >> is to gather more feedback about the KDF API for future improvements. >> >> The `P11KDF` class has the core implementation and Java calls to the PKCS 11 >> API. Different native mechanism were used to merge key material: >> CKM_CONCATENATE_BASE_AND_DATA (key and data), CKM_CONCATENATE_BASE_AND_KEY >> (key and key) and CKM_CONCATENATE_DATA_AND_BASE (data and key). The >> implementation also supports merging data with data, at the Java level. List >> of HKDF algorithms supported: HKDF-SHA1, HKDF-SHA224, HKDF-SHA256, >> HKDF-SHA384, and, HKDF-SHA512. >> >> Derivation modes supported: extract, expand, and, extract-expand. >> >> We further advanced the consolidation of algorithm and key info in the >> P11SecretKeyFactory map —this effort started with the PBE support >> enhancement and has helped to avoid duplication—. The map has now >> information about HMAC (`HMACKeyInfo` class) and HKDF (`HKDFKeyInfo` class) >> algorithms. P11Mac is now aligned to take the information from the map. >> >> Generic keys now supported in SecretKeyFactory. Derived keys could be >> Generic. >> >> Testing >> >> * >> [TestHKDF.java](https://github.com/openjdk/jdk/blob/e87ec99b90ff742f531a5031fdeeb9f2e039856d/test/jdk/sun/security/pkcs11/KDF/TestHKDF.java) >> test added >> * All RFC 5869 test vectors checked (7 tests) >> * Cross-checking against SunJCE's HKDF implementation for every algorithm >> possible >> * Static assertion data for resilience if SunJCE were not available >> * Use of derived key for encryption check >> * Concatenation of input key material and salt checked (multiple >> combinations) >> * Multiple derivation types checked (extract only, expand only, and, >> extract-expand) >> * Derive key and derive data checked >> * All supported HKDF algorithms tested (HKDF-SHA1, HKDF-SHA224, >> HKDF-SHA256, HKDF-SHA384, and, HKDF-SHA512) >> * DH and ECDH key derivation for TLS checked >> * Informative output for debugging purposes (shown automatically if there >> is a test failure) >> * Note: test failures do not prevent all tests for running >> * Test integrated to the SunPKCS11 tests framework >> >> * No regressions observed in j... > > Martin Balao has updated the pull request incrementally with one additional > commit since the last revision: > > Fix NPE in assertion. > > Co-authored-by: Martin Balao Alonso <mba...@redhat.com> > Co-authored-by: Francisco Ferrari Bihurriet <fferr...@redhat.com> @driverkt should review this too. ------------- PR Comment: https://git.openjdk.org/jdk/pull/22215#issuecomment-2552101538
