On Thu, 17 Apr 2025 20:52:52 GMT, Valerie Peng <[email protected]> wrote:
>> Martin Balao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Inform key sizes in the exception when failing check.
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java
> line 106:
>
>> 104: }
>> 105:
>> 106: static sealed class KeyInfo permits PBEKeyInfo, HMACKeyInfo,
>> HKDFKeyInfo,
>
> Can we add some comment about the purpose of KeyInfo and the PKCS11 classes
> which depend on it? E.g. HKDF will use the key algorithm to look up the
> corresponding key type. Also some comment for the various child key info
> classes would be nice.
Ok
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java
> line 154:
>
>> 152: }
>> 153:
>> 154: static final class TLSKeyInfo extends KeyInfo {
>
> Documenting this TLSKeyInfo is to support JSSE using HKDF to derive various
> keys whose algorithms are named following the "TlsXXX" convention?
Ok
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24526#discussion_r2051049867
PR Review Comment: https://git.openjdk.org/jdk/pull/24526#discussion_r2051050494
