On Tue, 13 Aug 2024 15:24:11 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are >> cryptographic algorithms for deriving additional keys from a secret key and >> other data. See [JEP 478](https://openjdk.org/jeps/478). >> >> Work was begun in [another PR](https://github.com/openjdk/jdk/pull/18924). > > Kevin Driver has updated the pull request incrementally with one additional > commit since the last revision: > > addressed several review comments, namely: - renaming the getParameters > method - renaming the AlgorithmParameterSpec object - address some javadoc > exception messages - add some information to KDF class private constructor > javadocs - other general cleanup src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java line 226: > 224: byte[] extractResult = hkdfExtract(inputKeyMaterial, > (salt > 225: == > null) ? null : salt.getEncoded()); > 226: pseudoRandomKey = new SecretKeySpec(extractResult, > "RAW"); Use `hmacAlgName` instead of `RAW` as the key algorithm? Or is it well-established fact that most if not all Hmac impls doesn't care or check the key algorithm? ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1719175171
