Design review: JEP 273: DRBG-Based SecureRandom Implementations

Sean Mullan sean.mullan at oracle.com
Fri Nov 20 15:26:29 UTC 2015


On 11/19/2015 07:23 PM, Wang Weijun wrote:
>> On Nov 20, 2015, at 1:11 AM, Sean Mullan<sean.mullan at oracle.com>  wrote:
>>> >>
>>> >>However, I cannot get it working, and I found difficulties understanding the EngineDescription inner class inside Provider.java.
>>> >>
>>> >>1. For each engine that can take an extra parameter (not provider) in getInstance(), it is always named XyzParameters, not an AlgorithmParameterSpec.
> Shall we also use SecureRandomParameters?

If we leave it as a subinterface of AlgorithmParameterSpec, then it 
should be named SecureRandomParameterSpec to align with the naming 
convention of the current subclasses.

That said, is there any critical reason it needs to be an 
AlgorithmParameterSpec? If not, then we could just create a standalone 
SecureRandomParameters interface.

--Sean



More information about the security-dev mailing list