RFR[11] JDK-8206171: Signature#getParameters for RSASSA-PSS throws ProviderException when not initialized
Sean Mullan
sean.mullan at oracle.com
Tue Jul 31 19:56:55 UTC 2018
On 7/24/18 9:38 PM, Weijun Wang wrote:
> Something related.
>
> Cipher has a similar init(..,params) and getParameters() structure and the spec is also similar.
>
> * <p>The returned parameters may be the same that were used to initialize
> * this cipher, or may contain a combination of default and random
> * parameter values used by the underlying cipher implementation if this
> * cipher requires algorithm parameters but was not initialized with any.
>
> However, one can supply an incomplete parameters object in init() and getParameters() will fill in default/random values to make it complete.
>
> For example, in PBE-based Cipher, one can only include salt and iteration count in the init params, and init() will add in a random IV, and the IV can be retrieved with getParameters().
>
> Is this something we need to clarify?
Yes, we should update the Cipher API to be consistent with Signature. I
think this can wait until JDK 12 though.
Valerie, can you file a follow-on issue?
Thanks,
Sean
More information about the security-dev
mailing list