On Thu, 15 Aug 2024 21:05:15 GMT, Kevin Driver <[email protected]> wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java
>> line 151:
>>
>>> 149: try {
>>> 150: return hkdfExtract(inputKeyMaterial,
>>> 151: (salt == null) ? null :
>>> salt.getEncoded());
>>
>> If you use byte[] for `salt`, then you can just pass it to `hkdfExtract()`
>> and no need for this null-check and `getEncoded()` call.
>
> See above comment.
Well, the hardware keys reason doesn't apply. I am referring to the type of
`inputKeyMaterial` and `salt`, not `ikms` and `salts`.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1720148788
