On Tue, 17 Sep 2024 21:52:47 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are >> cryptographic algorithms for deriving additional keys from a secret key and >> other data. See [JEP 478](https://openjdk.org/jeps/478). >> >> Work was begun in [another PR](https://github.com/openjdk/jdk/pull/18924). > > Kevin Driver has updated the pull request incrementally with one additional > commit since the last revision: > > refinement of addIKM and addSalt specifications src/java.base/share/classes/com/sun/crypto/provider/HKDFKeyDerivation.java line 66: > 64: SHA384_HMAC_SIZE, > 65: SHA512_HMAC_SIZE > 66: }; These lines can be removed if using enum to group the name and output length together. The current check does very little, it only ensures that the specified hmac length is one of the supported values, but no correlation with the hmac algorithm name. The enum sample code is shown in a separate comment below. src/java.base/share/classes/com/sun/crypto/provider/HKDFKeyDerivation.java line 396: > 394: public HKDFSHA256(KDFParameters kdfParameters) > 395: throws InvalidAlgorithmParameterException { > 396: super("HmacSHA256", SHA256_HMAC_SIZE, kdfParameters); Using the enum, this line would be: ` super(SupportedHmac.SHA256, kdfParameters);` ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1765762735 PR Review Comment: https://git.openjdk.org/jdk/pull/20301#discussion_r1765768566
