On Thu, 25 Jul 2024 15:39:46 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 138:
>>
>>> 136: // the lock is not needed, because the Spi will already be set
>>> in
>>> 137: // chooseProvider
>>> 138: lock = null;
>>
>> I guess that by `chooseProvider` you mean `chooseFirstProvider`. However,
>> I'm not sure how not having a lock would work in cases such as this one:
>>
>>
>> KDF kdf = KDF.getInstance("HkdfSHA512", sunPKCS11);
>> SecretKey derivedKey = kdf.deriveKey("AES", kdfParameterSpec);
>>
>>
>> I'm getting a `NullPointerException` because `lock` is `null` in
>> `KDF::deriveKey`.
>
> @martinuy thanks for your comment!
>
> I agree. Fix incoming.
See:
https://github.com/openjdk/jdk/pull/20301/commits/efa5246d2d07269fcb65b00f703c94ccab7f3f32
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1691689092
