On Fri, 17 Jan 2025 19:59:22 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> Martin Balao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Improve TestContext note about expectedOpOut
>>
>> Co-authored-by: Martin Balao Alonso <mba...@redhat.com>
>> Co-authored-by: Francisco Ferrari Bihurriet <fferr...@redhat.com>
>
> test/jdk/sun/security/pkcs11/KDF/TestHKDF.java line 524:
>
>> 522: }
>> 523:
>> 524: private static void test_AES_HKDFWithHmacSHA256_EmptyBaseKey() {
>
> Glad to see this one here. Is there one for null or empty salt?
>
> Where are the KA values coming from?
We have tests in which _salt_ is `null` (i.e. not calling `addSalt`). If you
think it is worth it, we can combine that with an empty key. The effect of an
empty _salt_ (instead of `null`) is the same as not calling `addSalt`. Notice
that we cannot create an instance of a `SecretKeySpec` with an empty `byte[]`
as key.
Do you mean the values for the DH/ECDH key agreement?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22215#discussion_r1920710339
