RFR: 8360463: Ambiguity in Cipher.getInstance() specification between NoSuchAlgorithmException and NoSuchPaddingException [v5]
Krushna948
duke at openjdk.org
Fri Aug 22 17:24:54 UTC 2025
On Fri, 22 Aug 2025 15:47:01 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/Cipher.java line 603:
>>
>>> 601: * @throws NoSuchAlgorithmException if {@code transformation}
>>> 602: * is {@code null}, empty, in an invalid format,
>>> 603: * or if a {@code CipherSpi} implementation from the specified
>>
>> IMO,
>> NoSuchAlgorithmException - if transformation is null, empty, in an invalid format, or if a CipherSpi implementation for the specified **transformation** is not available from the specified provider
>>
>> The **transformation** can be linked to the class level mention
>>
>> A transformation is of the form:
>> "algorithm/mode/padding" or
>> "algorithm"
>
> It's important to point out that when a matched (either full or partial) transform is found, not able to set mode throws an NSAE, while not able to set padding throws an NSPE. So NSAE is related on mode availability and NSPE to padding availability. This is why the current PR need to mention mode here.
Thanks for clarifying this.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26489#discussion_r2294265549
More information about the security-dev
mailing list