On Fri, 4 Apr 2025 22:18:31 GMT, Bradford Wetmore <wetm...@openjdk.org> wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> added default deriveData method to SSLKeyDerivation interface and
>> refactored code to remove unused AlgorithmParameterSpec argument.
>
> src/java.base/share/classes/sun/security/ssl/Utilities.java line 150:
>
>> 148: String sanitizedAlg = digestAlg.replace("-", "");
>> 149: return switch (sanitizedAlg) {
>> 150: case "SHA256", "SHA384", "SHA512" -> "HKDF-" + sanitizedAlg;
>
> This is a nit, but currently we don't have SHA512 in `CipherSuite.HashAlg`.
> You can leave it for any future enhancements.
You could also consider storing the HKDF algorithm names in the `HashAlg` enum.
Not sure if it would make much difference, performance wise.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24393#discussion_r2031813844
