RFR: 4936767: Parameters for MessageDigest
Sean Mullan
mullan at openjdk.org
Wed Nov 15 22:26:34 UTC 2023
On Wed, 15 Nov 2023 20:46:27 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.base/share/classes/java/security/MessageDigest.java line 436:
>>
>>> 434: * {@code MessageDigestSpi} implementation for the
>>> 435: * specified algorithm and parameters
>>> 436: *
>>
>> Is there a reason why you didn't throw IAPE when params are bad?
>
> This is following the `SecureRandom` style where there are both `getInstance` methods that has or has not the parameters argument. If you think IAPE is better I can also throw it. `CertStore` does this way and it has a dedicated method to extract the cause of the NSAE thrown by `GetInstance.getInstance` and rethrow it. See https://github.com/openjdk/jdk/blob/9486969bd3cb084c89a7255de0c664c980d1e661/src/java.base/share/classes/java/security/cert/CertStore.java#L249
Hmm, interesting. I have a slight preference for the `CertStore` approach because it feels like the caller can more easily distinguish between the two cases but I could probably live with either. What do you prefer?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/16660#discussion_r1394903586
More information about the security-dev
mailing list