[14] RFR JDK-8233016: javax.crypto.Cipher throws NPE for the given custom CipherSpi and Provider
Sean Mullan
sean.mullan at oracle.com
Mon Nov 25 19:52:13 UTC 2019
I would change the Bug summary to describe what is being proposed. Since
two new exceptions are being specified in the constructor, I would
suggest: "Specify the exceptions that can be thrown by the
javax.crypto.Cipher constructor".
> CSR: https://bugs.openjdk.java.net/browse/JDK-8234271
I would tweak the Problem section to note that an undocumented NPE can
be thrown in more than one case
"The protected constructor of javax.crypto.Cipher class throws an
undocumented NullPointerException when the provider argument is null and
the cipherSpi argument is invalid but not null."
+ * @throws IllegalArgumentException if the supplied arguments
+ * are deemed invalid for constructing the Cipher object
This is unspecified as to what invalid actually means, but I guess it is
probably best to not specify anything more specific. It may make sense
to add an @implNote as a follow-on issue as to what validation is being
done by the JDK implementation.
> Webrev: http://cr.openjdk.java.net/~valeriep/8233016/webrev.00/
Looks fine.
> Release Note: https://bugs.openjdk.java.net/browse/JDK-8234609
I made a couple of minor changes but otherwise looks good.
--Sean
On 11/21/19 8:10 PM, Valerie Peng wrote:
> Sean,
>
> Can you please help reviewing this one?
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8233016
>
> Release Note: https://bugs.openjdk.java.net/browse/JDK-8234609
>
> Webrev: http://cr.openjdk.java.net/~valeriep/8233016/webrev.00/
>
> CSR: https://bugs.openjdk.java.net/browse/JDK-8234271
>
> Thanks,
>
> Valerie
More information about the security-dev
mailing list