Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

On Thu, 8 May 2025 18:04:58 GMT, Valerie Peng wrote: >> Or in the meantime: >> >> } finally { >> // Best effort >> if (eae_prk instanceof SecretKeySpec s) { >> SharedSecrets.getJavaxCryptoSpecAccess() >> .clearSecretKeySpec(s); >> } els

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

On Wed, 7 May 2025 05:00:57 GMT, Bradford Wetmore wrote: >> Yes, it'd be nice. I reopened https://bugs.openjdk.org/browse/JDK-8160206 >> and we can address this separately. > > Or in the meantime: > > } finally { > // Best effort > if (eae_prk instanceof SecretKeySpec s) { >

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

On Fri, 25 Apr 2025 18:23:14 GMT, Valerie Peng wrote: >> src/java.base/share/classes/com/sun/crypto/provider/DHKEM.java line 260: >> >>> 258: if (eae_prk instanceof SecretKeySpec s) { >>> 259: SharedSecrets.getJavaxCryptoSpecAccess() >>> 260:

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

On Fri, 25 Apr 2025 18:40:17 GMT, Valerie Peng wrote: >> src/java.base/share/classes/sun/security/ssl/KAKeyDerivation.java line 131: >> >>> 129: >>> 130: // derive handshake secret >>> 131: return hkdf.deriveKey(type, HKDFParameterSpec.ofExtract() >> >> The line above m

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

On Fri, 25 Apr 2025 15:41:09 GMT, Weijun Wang wrote: >> Valerie Peng has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Undo the special workaround for JSSE in PKCS11 HKDF impl. > > src/java.base/share/classes/sun/security/ssl/PreSharedKeyE

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

On Fri, 25 Apr 2025 15:36:26 GMT, Weijun Wang wrote: >> Valerie Peng has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Undo the special workaround for JSSE in PKCS11 HKDF impl. > > src/java.base/share/classes/sun/security/ssl/KAKeyDerivati

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

On Fri, 25 Apr 2025 10:40:47 GMT, Daniel Jeliński wrote: >> Valerie Peng has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Undo the special workaround for JSSE in PKCS11 HKDF impl. > > src/java.base/share/classes/com/sun/crypto/provider/DH

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

On Thu, 17 Apr 2025 21:35:36 GMT, Valerie Peng wrote: >> This PR removes the internal JSSE HKDF impl and changes to use the KDF API >> for the HKDF support from JCA/JCE providers. >> >> This is just code refactoring. Known-answer regression test for the internal >> JSSE HKDF impl is removed as

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

On Thu, 17 Apr 2025 21:35:36 GMT, Valerie Peng wrote: >> This PR removes the internal JSSE HKDF impl and changes to use the KDF API >> for the HKDF support from JCA/JCE providers. >> >> This is just code refactoring. Known-answer regression test for the internal >> JSSE HKDF impl is removed as

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v4]

> This PR removes the internal JSSE HKDF impl and changes to use the KDF API > for the HKDF support from JCA/JCE providers. > > This is just code refactoring. Known-answer regression test for the internal > JSSE HKDF impl is removed as the test vectors are already covered by the HKDF > impl in