On Tue, 13 Aug 2024 00:13:38 GMT, Anthony Scarpino <ascarp...@openjdk.org> wrote:
>> Kevin Driver has updated the pull request with a new target base due to a >> merge or a rebase. The incremental webrev excludes the unrelated changes >> brought in by the merge/rebase. The pull request contains 16 additional >> commits since the last revision: >> >> - update test to include Spi updates >> - Update with latest from master >> >> Merge remote-tracking branch 'origin/master' into kdf-jep-wip >> # Please enter a commit message to explain why this merge is necessary, >> # especially if it merges an updated upstream into a topic branch. >> # >> # Lines starting with '#' will be ignored, and an empty message aborts >> # the commit. >> - add engineGetKDFParameters to the KDFSpi >> - code review comment fix for javadoc specification >> - change course on null return values from derive methods >> - code review comments >> - threading refactor + code review comments >> - review comments >> - review comments >> - update code snippet type in KDF >> - ... and 6 more: https://git.openjdk.org/jdk/compare/ea293934...dd2ee48f > > src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java > line 258: > >> 256: byte[] workItemBytes = CipherCore.getKeyBytes(checkIt); >> 257: return new SecretKeySpec(workItemBytes, "Generic"); >> 258: } else { > > I think this is less error prone and easier to read than what you have below: > > ByteArrayOutputStream os = new ByteArrayOutputStream(); > for (SecretKey workItem : localKeys) { > try { > os.write(CipherCore.getKeyBytes(workItem)); > } catch (IOException e) { > // won't happen > } > } > return new SecretKeySpec(os.toByteArray(), "Generic"); > > And if your concerned about the extra copy from `toByteArray()`, you could > consider using an internal class `AEADBufferedStream` which extends > ByteArrayOutputStream but will return the internal copy to avoid extra mem > allocation. +1. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1720165489
