RFR: 8294985: SSLEngine throws IAE during parsing of X500Principal [v10]

Kevin Driver kdriver at openjdk.org
Thu May 18 16:07:59 UTC 2023


On Thu, 18 May 2023 12:42:20 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> src/java.base/share/classes/sun/security/ssl/CertificateAuthoritiesExtension.java line 126:
>> 
>>> 124:         }
>>> 125: 
>>> 126:         X500Principal[] getAuthorities() throws IllegalArgumentException {
>> 
>> IAE is unchecked exception, and should not be throwing explicitly in method signature/statement.  I'm not sure if this throwing is really helpful for caller to check the exception.
>
> Yes, I agree with that comment. I suggest adding a comment above the method to remind callers they may need to catch IAE, something like:
> 
> // This method will throw IllegalArgumentException if the X500Principal cannot be parsed.

Agreed. It's atypical (at least) to include a RuntimeException in the method signature.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13466#discussion_r1198005604



More information about the security-dev mailing list