RFR (12): 8212669: Add note to Cipher javadoc about using full transformation and not relying on defaults

Xuelei Fan xuelei.fan at oracle.com
Thu Nov 1 15:27:41 UTC 2018

What do you think if adding a note that the default value may be 
different for each provider, and may be changed from time to time with 
the development of crypto analysis?


On 11/1/2018 7:57 AM, Sean Mullan wrote:
> Please review this javadoc-only change to the Cipher class. An @apiNote 
> has been added to each of the getInstance methods to recommend that the 
> full transformation be specified when creating a Cipher and to avoid 
> relying on the defaults. Also a link to the defaults used by the JDK 
> providers has been added as an @implNote.
> webrev: http://cr.openjdk.java.net/~mullan/webrevs/8212669/webrev.00/
> bug: https://bugs.openjdk.java.net/browse/JDK-8212669
> Thanks,
> Sean

More information about the security-dev mailing list