On Thu, 5 Sep 2024 23:17:32 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are >> cryptographic algorithms for deriving additional keys from a secret key and >> other data. See [JEP 478](https://openjdk.org/jeps/478). >> >> Work was begun in [another PR](https://github.com/openjdk/jdk/pull/18924). > > Kevin Driver has updated the pull request with a new target base due to a > merge or a rebase. The incremental webrev excludes the unrelated changes > brought in by the merge/rebase. The pull request contains 31 additional > commits since the last revision: > > - Merge remote-tracking branch 'origin/master' into kdf-jep-wip > # Please enter a commit message to explain why this merge is necessary, > # especially if it merges an updated upstream into a topic branch. > # > # Lines starting with '#' will be ignored, and an empty message aborts > # the commit. > - several more review comments > - change impl class to use byte arrays rather than SecretKey objects where > possible > - updated delayed provider selection javadoc > - review comments > - use a delegate record to hold the spi and provider > - assorted review comment changes > - another round of review comments > - consistency with wording for addIKM and addSalt > - another round of code review comments > - ... and 21 more: https://git.openjdk.org/jdk/compare/84bfac65...a35e98c9 src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java line 70: > 68: */ > 69: HkdfKeyDerivation(String hmacAlgName, int hmacLen, > 70: KDFParameters kdfParameters) Why does this take KDFParameters if hmacAlgName doesn't support parameters? src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java line 134: > 132: byte[] salt; > 133: byte[] pseudoRandomKey; > 134: byte[] info; Might be cleaner to declare it as: Suggestion: List<SecretKey> ikms, salts; byte[] inputKeyMaterial, salt, pseudoRandomKey, info; ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1747074863 PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1747077429