On Fri, 12 Sep 2025 20:50:57 GMT, Anthony Scarpino <[email protected]> wrote:
>> Weijun Wang has updated the pull request with a new target base due to a >> merge or a rebase. The pull request now contains 58 commits: >> >> - Merge branch 'master' into 8325448 >> - about transformation >> - cannot reset with withMethods >> - algorithm identifier >> - withMethods >> - duplicated "value" words >> - receiver to recipient; different to specified >> - use different exception type >> - more spec change >> - address Sean's comments >> - ... and 48 more: https://git.openjdk.org/jdk/compare/7fcce270...1ec31cf5 > > src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 317: > >> 315: throw new IllegalArgumentException("psk_id is empty"); >> 316: } >> 317: if ("RAW".equalsIgnoreCase(psk.getFormat())) { > > What happens if the format is not RAW? Is that allowed or should it be an > IAE? > If `psk` is an 16 byte AES Secret key is that checked somewhere or at all > relevant? I just meant if it's not "RAW" (maybe `null`?) then I have no way to check its length. A 16 byte AES will be rejected if it has an encoding which is almost always of "RAW" format. Or, did you confuse `getAlgorithm` and `getFormat`? > src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 352: > >> 350: * authentication key value. >> 351: * <p> >> 352: * Note: this method does not check whether the KEM supports > > "the KEM supports" sounds awkward to me. Do you mean non-DHKEM or the KEM > provider implementation? Section 5 of RFC 9180: > Note that some KEMs may not support AuthEncap() or AuthDecap(). For such > KEMs, only mode_base or mode_psk are supported. Future specifications which > define new KEMs MUST indicate whether these modes are supported. See [Section > 7.1.5](https://www.rfc-editor.org/rfc/rfc9180.html#future-kems) for more > details. I can change to "the KEM algorithm supports". ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2345617709 PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2345620663
