On Tue, 13 Aug 2024 15:24:11 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are >> cryptographic algorithms for deriving additional keys from a secret key and >> other data. See [JEP 478](https://openjdk.org/jeps/478). >> >> Work was begun in [another PR](https://github.com/openjdk/jdk/pull/18924). > > Kevin Driver has updated the pull request incrementally with one additional > commit since the last revision: > > addressed several review comments, namely: - renaming the getParameters > method - renaming the AlgorithmParameterSpec object - address some javadoc > exception messages - add some information to KDF class private constructor > javadocs - other general cleanup src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java line 202: > 200: salts = anExtractThenExpand.salts(); > 201: // we should be able to combine these Lists of keys into > single > 202: // SecretKey Objects, "Single SecretKey objects" => "a byte[]" "List of keys" is really "a list of key segments" which are combined into one key. Same goes for salts. The API is designed with the protocol usage in mind, but the naming we have here does not directly line up with RFC5869 which only mentions singular "IKM" and "SALT". ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1720163152
