RFR: 8155191: Specify that SecureRandom.nextBytes(byte[]) throws NullPointerException when byte array is null [v2]
Sean Mullan
mullan at openjdk.org
Mon May 8 21:17:22 UTC 2023
On Fri, 5 May 2023 01:21:32 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Just a trivial change for enforcing consistent NullPointerException behavior for the SecureRandom.nextBytes(byte[]) method.
>>
>> Other similar methods such as Random.nextByte(byte[]) and its other subclasses all throw NPE for null byte[] argument. Most JDK default providers' SecureRandom impls also check and throw NPE. Thus, this should be moved up and enforced by the SecureRandom class to ensure consistency.
>>
>> CSR has been filed.
>>
>> Thanks,
>> Valerie
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>
> Add NPE for SecureRandom(byte[]) ctor and setSeed(byte[]) method.
test/jdk/sun/security/pkcs11/SecureRandom/NextBytesNull.java line 1:
> 1: /*
Since the null checks are now all in `SecureRandom`, it doesn't seem that useful to check the individual providers. Maybe combine these tests and just check that the API methods throw NPE?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13788#discussion_r1187904659
More information about the security-dev
mailing list