Re: [PR] Implementation of the HKDF derivation function [santuario-xml-security-java]
jrihtarsic commented on code in PR #271: URL: https://github.com/apache/santuario-xml-security-java/pull/271#discussion_r1593378838 ## src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java: ## @@ -274,13 +274,18 @@ public static KeyAgreementParameters constructAgreementParameters(String agreeme * @param keyDerivationMethod element with the key derivation method data * @param keyBitLengthexpected derived key length in bits * @return KeyDerivationParameters data - * @throws XMLSecurityException if the invalid key derivation parameters are provide - * @throws XMLEncryptionException if the invalid key derivation is not supported + * @throws XMLEncryptionException throwen in case if KDFParams cannot be created or the Review Comment: Thanks for the warning about the typo, I fixed the description now. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@santuario.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [SANTUARIO-614] Tests for the EC Brainpool key types [santuario-xml-security-java]
coheigea merged PR #298: URL: https://github.com/apache/santuario-xml-security-java/pull/298 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@santuario.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump advanced-security/maven-dependency-submission-action from 4.0.2 to 4.0.3 [santuario-xml-security-java]
coheigea merged PR #319: URL: https://github.com/apache/santuario-xml-security-java/pull/319 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@santuario.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump com.google.errorprone:error_prone_core from 2.27.0 to 2.27.1 [santuario-xml-security-java]
coheigea merged PR #318: URL: https://github.com/apache/santuario-xml-security-java/pull/318 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@santuario.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Implementation of the HKDF derivation function [santuario-xml-security-java]
seanjmullan commented on code in PR #271: URL: https://github.com/apache/santuario-xml-security-java/pull/271#discussion_r1592394464 ## src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java: ## @@ -274,13 +274,18 @@ public static KeyAgreementParameters constructAgreementParameters(String agreeme * @param keyDerivationMethod element with the key derivation method data * @param keyBitLengthexpected derived key length in bits * @return KeyDerivationParameters data - * @throws XMLSecurityException if the invalid key derivation parameters are provide - * @throws XMLEncryptionException if the invalid key derivation is not supported + * @throws XMLEncryptionException throwen in case if KDFParams cannot be created or the Review Comment: typo: "throwen", but I would just remove "thrown in case" as that is implied. Also, a nit but you don't need to end with a period. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@santuario.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Implementation of the HKDF derivation function [santuario-xml-security-java]
jrihtarsic commented on code in PR #271: URL: https://github.com/apache/santuario-xml-security-java/pull/271#discussion_r1592359981 ## src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java: ## @@ -271,93 +272,42 @@ public static KeyAgreementParameters constructAgreementParameters(String agreeme * Construct a KeyDerivationParameter object from the given keyDerivationMethod and keyBitLength * * @param keyDerivationMethod element with the key derivation method data - * @param keyBitLength expected derived key length + * @param keyBitLengthexpected derived key length in bits * @return KeyDerivationParameters data - * @throws XMLSecurityException if the keyDerivationMethod is not supported or invalid parameters are provided + * @throws XMLSecurityException if the invalid key derivation parameters are provide Review Comment: I updated the code now to ensure that only the XMLEncryptionException can be thrown. I made changes to the XMLCipherUtil.constructKeyDerivationParameter method only and retained the XMLSecurityException in the interface KeyDerivationMethod.getKDFParams; because the interface implementation may be used for key derivation functions used for other purposes than just the encryption in the future. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@santuario.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
