RFR[11] JDK-8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized

Weijun Wang weijun.wang at oracle.com
Wed Jul 11 02:16:47 UTC 2018


Hi Valerie

About "it *may* return", do you mean it could also return null? My understanding is no.

Is it better to clarify when the implementation "may also fail"? From the CSR, it's this method. Can you add a @throws spec to this method then?

Also, I am a little confused by "default and randomly generated". Does this actually mean "default (might be randomly generated)"? The "it may" sentence mentions "default and randomly generated" but the "if there" only says "default", which sounds like the the "randomly generated" case could be different.

Thanks
Max


> On Jul 11, 2018, at 5:12 AM, Valerie Peng <valerie.peng at oracle.com> wrote:
> 
> Hi Brad,
> 
> Would you have time to review the fix for JDK-8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized?
> No source code changes, but just updating javadoc to mention the possible failure case.
> Otherwise, JCK team expects a parameter object or null being returned.
> I filed a CSR to track the javadoc clarification.
> 
> Bug: https://bugs.openjdk.java.net/browse/JDK-8206171
> Webrev: http://cr.openjdk.java.net/~valeriep/8206171/webrev.00/
> CSR: https://bugs.openjdk.java.net/browse/JDK-8206864
> 
> Thanks,
> Valerie
> 
> 
> 



More information about the security-dev mailing list