On Wed, 8 Jan 2025 19:21:29 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> A non-extractable PRK in HKDF Expand-Only is an invalid input, not an
>> internal error.
>
> src/java.base/share/classes/com/sun/crypto/provider/HKDFKeyDerivation.java
> line 183:
>
>> 181: // set this value in the "if"
>> 182: if ((pseudoRandomKey = anExpand.prk().getEncoded()) ==
>> null) {
>> 183: throw new InvalidAlgorithmParameterException(
>
> My only question here is whether the `Expand` could be created without a PRK
> for any other reason besides it being non-extractable. If we think so (even
> if it's just user-error), then perhaps the wording of the message for the
> IAPE should be revised from the currently proposed text.
In the creation of the `Expand` object, we've already guaranteed that PRK the
object must be non null. The only problem here is its encoding.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22976#discussion_r1907726342
