RFR: 6227536: KeyGenerator.init() methods do not throw IllegalArgumentException for keysize == 0 [v5]

Bradford Wetmore wetmore at openjdk.org
Fri Jul 29 19:49:23 UTC 2022


On Fri, 29 Jul 2022 18:31:13 GMT, Kevin Driver <kdriver at openjdk.org> wrote:

>> As mentioned in the bug report, this issue *should not* be a framework-level issue, since potentially an individual provider could create a keysize of zero to have a certain significance. 
>> 
>> In the changes made here for `HmacMD5`- and `HmacSHA1`- `KeyGenerator`s, the check is for `keysize <= 0` and this message indicates this is a check characteristic to the `SunJCE` provider.
>
> Kevin Driver has updated the pull request incrementally with one additional commit since the last revision:
> 
>   initial commit

We are Slacking on some other test issues.  Will approve on next update.

test/jdk/com/sun/crypto/provider/KeyGenerator/Test6227536.java line 2:

> 1: /*
> 2:  * Copyright (c) 2002, 2022, Oracle and/or its affiliates. All rights reserved.

As this is a new test, you'll just have the one date:

`...(c) 2022, Oracle and/or`

test/jdk/com/sun/crypto/provider/KeyGenerator/Test6227536.java line 28:

> 26:  * @bug 6227536
> 27:  * @summary Verify HmacSHA1 and HmacMD5 KeyGenerators throw an Exception when a keysize of zero is requested
> 28:  * @author Kevin Driver

We generally no longer include @author.

-------------

PR: https://git.openjdk.org/jdk/pull/9679



More information about the security-dev mailing list