RFR: 8293779: redundant checking in AESCrypt.makeSessionKey() method
Sean Mullan
mullan at openjdk.org
Wed Sep 14 13:29:40 UTC 2022
On Wed, 14 Sep 2022 05:58:10 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
> Hi,
>
> Please review this simple code cleanup.
>
> The following checking for key in the makeSessionKey() method is redundant as it the same checking has been performance before calling the method.
>
>
> if (k == null) {
> throw new InvalidKeyException("Empty key");
> }
> if (!isKeySizeValid(k.length)) {
> throw new InvalidKeyException("Invalid AES key length: " +
> k.length + " bytes");
> }
>
>
> No new regression test, simple cleanup.
>
> Thanks,
> Xuelei
src/java.base/share/classes/com/sun/crypto/provider/AESCrypt.java line 604:
> 602: * @exception InvalidKeyException If the key is invalid.
> 603: */
> 604: private void makeSessionKey(byte[] k) throws InvalidKeyException {
Can it still throw InvalidKeyException?
-------------
PR: https://git.openjdk.org/jdk/pull/10263
More information about the security-dev
mailing list