RFR: 8297878: KEM: Implementation [v2]
Xue-Lei Andrew Fan
xuelei at openjdk.org
Fri Apr 14 02:02:36 UTC 2023
On Thu, 13 Apr 2023 22:36:04 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/KEMSpi.java line 119:
>>
>>> 117: * of {@code from} and {@code to} are within the correct range.
>>> 118: * Therefore an implementation of this method does not need to
>>> 119: * validate them.
>>
>> The KEM caller does validate the parameters, but the caller may be more widely other than the KEM. Then, the statement here could be wrong at that time.
>
> I can rewrite this into something like "The caller of this method must validate..." so it becomes a requirement. We'll make sure the `KEM` class follows it. Any other class that wishes to call it directly must do it as well.
You can make it a required part of the specification. But it is an error-prone design.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1166196969
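The point under discussion is whether a `KEMSpi` implementation may skip the `[from, to)` range check because the `KEM` class promises to do it. The following is an added illustration, not code from the PR or from the JDK, of the defensive alternative: the SPI re-checks the range itself with `Objects.checkFromToIndex`, so a second caller that bypasses `KEM` cannot reach an out-of-range slice. It assumes the `KEMSpi.EncapsulatorSpi` shape that shipped in JDK 21 (`engineEncapsulate(int, int, String)`, `engineSecretSize()`, `engineEncapsulationSize()`, `KEM.Encapsulated`); the interface in the version of this PR may differ. The class name `DefensiveEncapsulator` is hypothetical, and the KEM step is a stand-in that produces random bytes so the example runs offline.

```java
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Objects;
import javax.crypto.KEM;
import javax.crypto.KEMSpi;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/**
 * Hypothetical EncapsulatorSpi that validates the [from, to) range itself instead
 * of trusting the caller. The encapsulation step is a stand-in (random bytes);
 * a real provider would run its key encapsulation algorithm at that point.
 */
final class DefensiveEncapsulator implements KEMSpi.EncapsulatorSpi {
    private static final int SECRET_SIZE = 32;        // bytes of the full shared secret
    private static final int ENCAPSULATION_SIZE = 32; // bytes of the encapsulation (stand-in)
    private final SecureRandom rnd = new SecureRandom();

    @Override
    public KEM.Encapsulated engineEncapsulate(int from, int to, String algorithm) {
        // Enforce 0 <= from <= to <= secretSize here, regardless of what the javadoc
        // says about the caller. Throws IndexOutOfBoundsException on a bad range.
        Objects.checkFromToIndex(from, to, engineSecretSize());
        Objects.requireNonNull(algorithm, "algorithm");

        byte[] fullSecret = new byte[SECRET_SIZE];      // stand-in for the KEM output
        byte[] encapsulation = new byte[ENCAPSULATION_SIZE];
        rnd.nextBytes(fullSecret);
        rnd.nextBytes(encapsulation);
        try {
            // SecretKeySpec copies only the requested slice; the rest never leaves this method
            SecretKey key = new SecretKeySpec(fullSecret, from, to - from, algorithm);
            return new KEM.Encapsulated(key, encapsulation, null);
        } finally {
            Arrays.fill(fullSecret, (byte) 0);          // do not keep the full secret around
        }
    }

    @Override
    public int engineSecretSize() {
        return SECRET_SIZE;
    }

    @Override
    public int engineEncapsulationSize() {
        return ENCAPSULATION_SIZE;
    }

    public static void main(String[] args) {
        DefensiveEncapsulator enc = new DefensiveEncapsulator();

        // A well-formed request: first 16 bytes of the secret as an AES key
        KEM.Encapsulated ok = enc.engineEncapsulate(0, 16, "AES");
        System.out.println("key length: " + ok.key().getEncoded().length);

        // A direct caller that skipped the KEM class and passed to > secretSize
        try {
            enc.engineEncapsulate(16, 48, "AES");
        } catch (IndexOutOfBoundsException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The check costs one bounds comparison per call and makes the SPI's safety independent of who calls it, which is the concern raised in the comment above.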