On Fri, 16 Aug 2024 17:51:03 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> We use SecretKey, because sometimes the raw bytes may not be available to >> us, for example if it's a hardware key. > > Well, you can't handle this case and throws InvalidKeyException when there > are such keys. When concatenating key objects, you accessed the raw bytes one > by one and then use the resulting bytes to create a SecretKey object which is > unnecessary... > I've tried making the "SecretKey" to "byte[]" change for `inputKeyMaterial` > and `salt` in my local workspace and it simplifies the code. See: https://github.com/openjdk/jdk/pull/20301/commits/25c17b26231b2b63bab9193fe29c7c258f96a31f >> See above comment. > > Well, the hardware keys reason doesn't apply. I am referring to the type of > `inputKeyMaterial` and `salt`, not `ikms` and `salts`. See: https://github.com/openjdk/jdk/pull/20301/commits/25c17b26231b2b63bab9193fe29c7c258f96a31f ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1739512304 PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1739512278
