JEP draft: Key Encapsulation Mechanism API
Wei-Jun Wang
weijun.wang at oracle.com
Thu Jan 26 15:01:01 UTC 2023
> On Jan 26, 2023, at 12:48 AM, Xuelei Fan <xuelei.f at gmail.com> wrote:
>
>
>> On Jan 25, 2023, at 8:43 PM, Wei-Jun Wang <weijun.wang at oracle.com> wrote:
>
>
>> If someone really cares about the result of getProvider(), they should be careful no other thread calls encapsulation or decapsulation.
>
> If no-one care about the result of getProvider(), is it possible to remove this method from the design?
>
> With this method, the API is not easy to use, and the code is not easy to review, unless a developer read the class and methods spec very carefully, considering that the behavior differences impacted by calling sequences.
>
> Anyway, calling sequence problems are known issues for JCA/JCE, just my $0.02 in case it helps to make the specification more clear, if you’d like to the tradition of JCA/JCE.
I see this method for every JCA class and would rather keep it.
--Max
>
> Xuelei
More information about the security-dev
mailing list