RFR: 8297878: KEM: Implementation [v4]
Weijun Wang
weijun at openjdk.org
Tue Apr 18 16:28:02 UTC 2023
On Fri, 14 Apr 2023 01:59:59 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> I can rewrite this into something like "The caller of this method must validate..." so it becomes a requirement. We'll make sure the `KEM` class follows it. Any other class that wishes to call it directly must do it as well.
>
> You can make it a required part of the specification. But it is a error-prone design. What happens if an application does not follow the spec? It may be more complicated to handle the case.
No more validation for providers.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1170289644
More information about the security-dev
mailing list