On Mon, 18 Nov 2024 18:05:34 GMT, Martin Balao <mba...@openjdk.org> wrote:
> We would like to propose an implementation of the HKDF algorithms for > SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key > Derivation Function API > (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)). > > This implementation will be under the _Preview_ umbrella until the KDF API > becomes stable in a future JDK release. The benefit of this early proposal is > to gather more feedback about the KDF API for future improvements. > > The `P11KDF` class has the core implementation and Java calls to the PKCS 11 > API. Different native mechanism were used to merge key material: > CKM_CONCATENATE_BASE_AND_DATA (key and data), CKM_CONCATENATE_BASE_AND_KEY > (key and key) and CKM_CONCATENATE_DATA_AND_BASE (data and key). The > implementation also supports merging data with data, at the Java level. List > of HKDF algorithms supported: HKDF-SHA256, HKDF-SHA384, and, HKDF-SHA512. > > Derivation modes supported: extract, expand, and, extract-expand. > > We further advanced the consolidation of algorithm and key info in the > P11SecretKeyFactory map —this effort started with the PBE support enhancement > and has helped to avoid duplication—. The map has now information about HMAC > (`HMACKeyInfo` class) and HKDF (`HKDFKeyInfo` class) algorithms. P11Mac is > now aligned to take the information from the map. > > Generic keys now supported in SecretKeyFactory. Derived keys could be Generic. > > Testing > > * > [TestHKDF.java](https://github.com/openjdk/jdk/blob/e87ec99b90ff742f531a5031fdeeb9f2e039856d/test/jdk/sun/security/pkcs11/KDF/TestHKDF.java) > test added > * All non-SHA1 & non-SHA224 RFC 5869 test vectors checked > * Cross-checking against SunJCE's HKDF implementation for every algorithm > possible > * Static assertion data for resilience if SunJCE were not available > * Use of derived key for encryption check > * Concatenation of input key material and salt checked (multiple > combinations) > * Multiple derivation types checked (extract only, expand only, and, > extract-expand) > * Derive key and derive data checked > * All supported HKDF algorithms tested (HKDF-SHA256, HKDF-SHA384, and, > HKDF-SHA512) > * DH and ECDH key derivation for TLS checked > * Informative output for debugging purposes (shown automatically if there > is a test failure) > * Note: test failures do not prevent all tests for running > * Test integrated to the SunPKCS11 tests framework > > * No regressions observed in jdk/sun/security/pkcs11 (114 tests passed, 0 > failed) > > A CSR will be proposed. > > This proposal is... This pull request has now been integrated. Changeset: 6ddbcc34 Author: Martin Balao <mba...@openjdk.org> URL: https://git.openjdk.org/jdk/commit/6ddbcc34c019d780fc12d8f636e3aa3de33ecaaa Stats: 1611 lines in 16 files changed: 1545 ins; 29 del; 37 mod 8328119: Support HKDF in SunPKCS11 (Preview) 8346720: Support Generic keys in SunPKCS11 SecretKeyFactory Co-authored-by: Francisco Ferrari Bihurriet <fferr...@openjdk.org> Co-authored-by: Martin Balao <mba...@openjdk.org> Reviewed-by: valeriep, kdriver, weijun ------------- PR: https://git.openjdk.org/jdk/pull/22215
