On Wed, 28 Aug 2024 20:44:10 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are >> cryptographic algorithms for deriving additional keys from a secret key and >> other data. See [JEP 478](https://openjdk.org/jeps/478). >> >> Work was begun in [another PR](https://github.com/openjdk/jdk/pull/18924). > > Kevin Driver has updated the pull request incrementally with two additional > commits since the last revision: > > - consistency with wording for addIKM and addSalt > - another round of code review comments test/jdk/javax/crypto/KDF/KDFDelayedProviderSyncTest.java line 66: > 64: public void testDerive() > 65: throws InvalidAlgorithmParameterException, > NoSuchAlgorithmException { > 66: SecretKey result = kdfUnderTest.deriveKey("AES", > kdfParameterSpec); Here the key algorithm is "AES" with output length 42 bytes. However, AES only has 128, 192, and 256-bits key sizes though. Based on the javadoc, this combination is not valid and should throw IAPE? Maybe use some other algorithm as the key algorithm? ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1735402441
