On Wed, 5 Nov 2025 18:27:51 GMT, Weijun Wang <[email protected]> wrote:
>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/. >> <img alt="image" >> src="https://github.com/user-attachments/assets/df3b454d-2161-4036-9930-c4f84d887b31"; >> /> > > Weijun Wang has updated the pull request with a new target base due to a > merge or a rebase. The pull request now contains 62 commits: > > - merge > - Merge branch 'master' into 8325448 > - Tony's comment > - more key checks; some small spec change > - Merge branch 'master' into 8325448 > - about transformation > - cannot reset with withMethods > - algorithm identifier > - withMethods > - duplicated "value" words > - ... and 52 more: https://git.openjdk.org/jdk/compare/cf45e09c...b5112151 src/java.base/share/classes/com/sun/crypto/provider/HPKE.java line 137: > 135: throws InvalidKeyException, > InvalidAlgorithmParameterException { > 136: impl = new Impl(opmode); > 137: if (!(key instanceof AsymmetricKey ak)) { Is a null check needed for `key` and `params`? It appears Cipher leaves that to the SPI to accept or reject. src/java.base/share/classes/com/sun/crypto/provider/HPKE.java line 318: > 316: } > 317: > 318: SecretKey ExportKey(String algorithm, byte[] > exporter_context, int L) { Why are the methods in this class capitalized? src/java.base/share/classes/com/sun/crypto/provider/HPKE.java line 540: > 538: // thw builder are just byte arrays. Any KDF impl can > handle this. > 539: var kdf = KDF.getInstance(kdfAlg); > 540: var key_schedule_context = concat(new byte[]{(byte) > mode}, Is `key_sechedule_context` worth zero'ing? ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2495870196 PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2496532422 PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2496764265
