On Mon, 14 Apr 2025 19:37:44 GMT, Sean Mullan <[email protected]> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> toString, exportData, spec in HPKEParameters must have algorithm
>> identifiers specified
>
> src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 136:
>
>> 134: * {@snippet lang=java class="PackageSnippets"
>> region="hpke-spec-example"}
>> 135: *
>> 136: * @implNote
>
> Making this implementation specific means that other providers could in
> theory choose different defaults, which reduces compatibility but an
> application could never be sure, or even know if this is for algorithms in
> RFC 9180. These are probably the most reasonable defaults for RFC 9180
> compliant implementations. Did you consider making these defaults a
> requirement of HPKE implementations? I also wonder if "HPKE" is too general.
> If there is ever a new HPKE spec with say a new KEM or KDF algorithm for
> EC/XDH keys, would it be called "HPKE2"?
Consider adding a String or Enum argument to `of()` with the name of the
profile, ex "RFC9180".
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2045238642
