RFR: 8297878: KEM: Implementation

Xue-Lei Andrew Fan xuelei at openjdk.org
Thu Apr 13 21:52:39 UTC 2023


On Fri, 31 Mar 2023 02:25:04 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> The KEM API and DHKEM impl. Note that this PR uses new methods in https://github.com/openjdk/jdk/pull/13250.

Changes requested by xuelei (Reviewer).

src/java.base/share/classes/javax/crypto/KEMSpi.java line 119:

> 117:          * of {@code from} and {@code to} are within the correct range.
> 118:          * Therefore an implementation of this method does not need to
> 119:          * validate them.

The KEM caller does validate the parameters, but the caller may be something other than the KEM. Then the statement here could be wrong at that time.

src/java.base/share/classes/javax/crypto/KEMSpi.java line 172:

> 170:          * within the correct range. Therefore an implementation of this method
> 171:          * does not to validate them.
> 172:          *

Same comment as above.

src/java.base/share/classes/javax/crypto/KEMSpi.java line 211:

> 209:      * The caller of this method has already validated the parameters to
> 210:      * ensure that {@code pk} is not {@code null}. Therefore an implementation
> 211:      * of this method does not to validate it.

Same as above: the caller may not validate the parameters yet. For example, the instance could be accessed in the same manner as you do in the KEM implementation (using the Provider method and Service look-up APIs), but without validating the parameters as you did.

-------------

PR Review: https://git.openjdk.org/jdk/pull/13256#pullrequestreview-1384268215
PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1166059684
PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1166059934
PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1166061964


