RFR: 8296442: EncryptedPrivateKeyInfo can be created with an uninitialized AlgorithmParameters [v4]
Weijun Wang
weijun at openjdk.org
Wed Nov 16 18:47:29 UTC 2022
On Wed, 16 Nov 2022 14:21:48 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> Did you consider changing EncryptedPrivateKeyInfo(...,AlgorithmParameters) to throw IllegalStateException if the parameters were not initialized? I know you said you were worried about changing the API, but it would be a cleaner option. I wonder if there is really any code that is initializing the parameters after creating the EPKI.
I thought about that. The change would break some existing tests and need a spec change. I don't think it's worth doing.
-------------
PR: https://git.openjdk.org/jdk/pull/11067
More information about the security-dev
mailing list