RFR: 8340327: A common framework to support public key algorithms with standard parameter sets [v10]
Weijun Wang
weijun at openjdk.org
Fri Oct 11 19:56:14 UTC 2024
On Tue, 8 Oct 2024 20:17:53 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/provider/NamedSignature.java line 196:
>>
>>> 194: /// This object will be passed into the [#implVerify] method along with the raw key.
>>> 195: ///
>>> 196: /// The default implementation returns `null`.
>>
>> If the majority of implementations are supposed to implement this method, then it may be better to make it abstract (so that it won't be accidentally missed) and add a note that subclasses should return null if they don't have any additional checks.
>
> I'll discuss with my customers.
After some discussion, we decided to keep the current design. I acknowledge that there are advantages to override these methods, and it’s even encouraged. However, considering the nature of these methods, they can be omitted without impacting functionality. Finally, these are internal classes and we have controls.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21167#discussion_r1797369752
More information about the security-dev
mailing list