RFR[11] JDK-8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized

Sean Mullan sean.mullan at oracle.com
Wed Jul 11 13:56:41 UTC 2018


Yes, I think if an implementation can throw an exception in this case, 
we should add that as an @throws. For example, something like the following:

@throws ProviderException if this signature engine requires parameters 
but does not support default or randomly generated parameter values

--Sean

On 7/10/18 10:16 PM, Weijun Wang wrote:
> Hi Valerie
> 
> About "it *may* return", do you mean it could also return null? My understanding is no.
> 
> Is it better to clarify when the implementation "may also fail"? From the CSR, it's this method. Can you add a @throws spec to this method then?
> 
> Also, I am a little confused by "default and randomly generated". Does this actually mean "default (might be randomly generated)"? The "it may" sentence mentions "default and randomly generated" but the "if there" only says "default", which sounds like the the "randomly generated" case could be different.
> 
> Thanks
> Max
> 
> 
>> On Jul 11, 2018, at 5:12 AM, Valerie Peng <valerie.peng at oracle.com> wrote:
>>
>> Hi Brad,
>>
>> Would you have time to review the fix for JDK-8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized?
>> No source code changes, but just updating javadoc to mention the possible failure case.
>> Otherwise, JCK team expects a parameter object or null being returned.
>> I filed a CSR to track the javadoc clarification.
>>
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8206171
>> Webrev: http://cr.openjdk.java.net/~valeriep/8206171/webrev.00/
>> CSR: https://bugs.openjdk.java.net/browse/JDK-8206864
>>
>> Thanks,
>> Valerie
>>
>>
>>
> 



More information about the security-dev mailing list