On Wed, 10 Sep 2025 23:03:49 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/. >> <img alt="image" >> src="https://github.com/user-attachments/assets/366a9f3e-375a-48fb-8ee6-95cabcfeccc8"; >> /> > > Weijun Wang has updated the pull request with a new target base due to a > merge or a rebase. The pull request now contains 58 commits: > > - Merge branch 'master' into 8325448 > - about transformation > - cannot reset with withMethods > - algorithm identifier > - withMethods > - duplicated "value" words > - receiver to recipient; different to specified > - use different exception type > - more spec change > - address Sean's comments > - ... and 48 more: https://git.openjdk.org/jdk/compare/7fcce270...1ec31cf5 src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 154: > 152: /** > 153: * KEM algorithm identifier for DHKEM(P-256, HKDF-SHA256) as defined > in > 154: * <a > href="https://www.rfc-editor.org/rfc/rfc9180.html#name-key-encapsulation-mechanism";>Section > 7.1 of RFC 9180</a>. Suggestion: It has been my impression that `@spec` was for things like this. Might it be cleaner to remove the "as defined in <link>" and just list the RFC in an `@spec`? It also seems overkill to refer to the RFC sections for each entry as you mention that the id's are in in Section 7 in the class javadoc. src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 286: > 284: * @throws IllegalArgumentException if {@code info} is empty. > 285: */ > 286: public HPKEParameterSpec withInfo(byte[] info) { After reading your example at the class javadoc level, it left me with the impression that `withInfo()` would be used with `String`. Does it make sense to have a `withInfo(String)` method? Or maybe the example less String-specific? src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 317: > 315: throw new IllegalArgumentException("psk_id is empty"); > 316: } > 317: if ("RAW".equalsIgnoreCase(psk.getFormat())) { What happens if the format is not RAW? Is that allowed or should it be an IAE? If `psk` is an 16 byte AES Secret key is that checked somewhere or at all relevant? src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line 352: > 350: * authentication key value. > 351: * <p> > 352: * Note: this method does not check whether the KEM supports "the KEM supports" sounds awkward to me. Do you mean non-DHKEM or the KEM provider implementation? ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2345198777 PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2345243742 PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2345408266 PR Review Comment: https://git.openjdk.org/jdk/pull/18411#discussion_r2345423554
