RFR: 8297878: KEM: Implementation
Xue-Lei Andrew Fan
xuelei at openjdk.org
Wed Apr 12 21:51:35 UTC 2023
On Wed, 12 Apr 2023 18:32:30 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/KEMSpi.java line 107:
>>
>>> 105: * @see KEM.Encapsulator
>>> 106: */
>>> 107: interface EncapsulatorSpi {
>>
>> Is it really necessary to define a EncapsulatorSpi? It looks like an internal implementation for KEMSpi service, rather than a public individual interface that EncapsulatorSpi.getInstance() could be used.
>
> Not exactly sure what you want. Security providers need to implement it and the `KEM` class uses it. Unlike other `AbcSpi` classes, it will not be created with a `getInstance` method.
If I get it right, SPI means "service provider interface", which is normally for public service access by searching the registers. In the provider implementation, a SPI implementation is normally registered so that it can be accessed. I did not find the registration in the provider implementation. I know it is right because it is not expected to be registered as it is not expected to be accessed directly.
> Security providers need to implement it and the KEM class uses it.
I know, but it is not necessarily designed as an SPI (it could be a normal interface that a provider need to implement and KEM class uses). You can code like this, but I'm not sure if it is the common way.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1164684415
More information about the security-dev
mailing list