RFR: 8343622: AesDkCrypto.stringToKey should not return null [v2]
Weijun Wang
weijun at openjdk.org
Tue Nov 5 15:56:35 UTC 2024
On Tue, 5 Nov 2024 15:51:58 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> When an exception happens inside these stringToKey() methods, it returns a null. This would lead to unexpected NPE some time in the future.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> let it throw NSAE
src/java.base/share/classes/sun/security/provider/MD4.java line 81:
> 79: }
> 80:
> 81: public static MessageDigest getInstance() {
Just let it throw the NSAE. There are 2 usages of this method, one will throw an `AssertionError` and one below in `ArcFourCrypto` will propagate it and finally it will get caught in `EncrptionKey::stringToKey` like all other crypto-related exceptions.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21908#discussion_r1829603505
More information about the security-dev
mailing list