[8] Code review request for 8006591: Protect keystore entries using stronger PBE algorithms

Vincent Ryan vincent.x.ryan at oracle.com
Mon Jan 21 10:31:24 UTC 2013


NPE is only thrown if protectionAlgorithm is null.

On 21 Jan 2013, at 09:44, taras ledkov wrote:

> class: KeyStore.PasswordProtection
> method: <init>(char[] password, String protectionAlgorithm, AlgorithmParameterSpec protectionParameters)
> 
> At the javadoc header about protectionParameters:
> 
> * @param protectionParameters the encryption algorithm parameter
> *     specification, which may be {@code null}
> 
> But the first line of the method we can see:
> if (protectionAlgorithm == null) {
>    throw new NullPointerException("invalid null input");
> }
> 
> I see a contradiction here.
> Please comment.
> 
> 
> On 18.01.2013 23:53, Vincent Ryan wrote:
>> Hello,
>> 
>> Please review the fix for 8006591. It introduces a mechanism to enable
>> stronger PBE algorithms to be specified when encrypting a keystore entry.
>> This allows developers to make use of the new PBE algorithms delivered in
>> JEP-121. Note however that PKCS12 is currently the only keystore that
>> supports this new feature.
>> 
>> It is a component of the JEP-166 delivery.
>> 
>> Webrev: http://cr.openjdk.java.net/~vinnie/8006591/webrev.00/
>> 
>> Thanks.
> 
> -- 
> With best regards,
> Taras Ledkov
> Mail-To: taras.ledkov at oracle.com
> skype: taras_ledkov
> Phone: 7(812)3346-157




More information about the security-dev mailing list