On Thu, 27 Feb 2025 03:22:18 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/. >> >>  > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > example and KAT src/java.base/share/classes/com/sun/crypto/provider/DHKEM.java line 323: > 321: } > 322: byte[] bytes = > kdf.deriveData(extract.thenExpand(labeledInfo( > 323: suiteId, CANDIDATE, I2OSP(counter, 1), Nsk), > Nsk)); I'm not through every class yet, but is more input validation needed on `Nsk`, which ultimately becomes the length in the `HKDFParameterSpec`? Later in this class I see that it is checked to not exceed `65536`, but an `IllegalArgumentException` may be thrown here if the value is < 0. I see that you're throwing `Exception` from this method, but I thought I'd mention it since you are doing `HKDFParameterSpec` initialization in-line with the `deriveData` call. src/java.base/share/classes/com/sun/crypto/provider/DHKEM.java line 406: > 404: } > 405: > 406: public static byte[] I2OSP(int n, int w) { A comment (non-javadoc) might be beneficial to explain why this method is doing what it is doing. src/java.base/share/classes/com/sun/crypto/provider/HPKE.java line 32: > 30: > 31: import javax.crypto.*; > 32: import javax.crypto.spec.*; It may be beneficial (however minimally) to avoid the use of wildcard imports. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r1975659308 PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r1975663441 PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r1975666647
