RFR[11] JDK-8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized

Sean Mullan sean.mullan at oracle.com
Tue Jul 31 19:56:55 UTC 2018


On 7/24/18 9:38 PM, Weijun Wang wrote:
> Something related.
> 
> Cipher has a similar init(..,params) and getParameters() structure and the spec is also similar.
> 
> * <p>The returned parameters may be the same that were used to initialize
> * this cipher, or may contain a combination of default and random
> * parameter values used by the underlying cipher implementation if this
> * cipher requires algorithm parameters but was not initialized with any.
> 
> However, one can supply an incomplete parameters object in init() and getParameters() will fill in default/random values to make it complete.
> 
> For example, in PBE-based Cipher, one can only include salt and iteration count in the init params, and init() will add in a random IV, and the IV can be retrieved with getParameters().
> 
> Is this something we need to clarify?

Yes, we should update the Cipher API to be consistent with Signature. I 
think this can wait until JDK 12 though.

Valerie, can you file a follow-on issue?

Thanks,
Sean


More information about the security-dev mailing list