RFR: 8298420: PEM API: Implementation (Preview) [v4]
Sean Mullan
mullan at openjdk.org
Fri Aug 30 14:24:24 UTC 2024
On Tue, 30 Jul 2024 18:59:42 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> The current spec says "or null if not specified", so it's actually OK if one is not specified -- if I understand correctly -- through the constructor that take an algorithm argument. You might actually need to update the spec with your code change.
>
> I understand null is a valid value, but I'm more curious if you think null is a better option than an OID string? An OID is not ideal, and I suspect would be rare. The ones that come to mind that we are missing are SM*, which probably should be added at some point anyway.
I think the `EncodedKeySpec(byte[])` constructor needs to say something now about the algorithm being parsed from the bytes, perhaps: "This constructor extracts the algorithm name from the encoded bytes, which may be an OID if no standard algorithm name is defined. If the algorithm name cannot be extracted, it is set to `null`."
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r1738772809
More information about the security-dev
mailing list