RFR: 8358451: SunJCE PBEKey impl should throw IllegalStateException when getEncoded() is called
Weijun Wang
weijun at openjdk.org
Wed Jun 4 15:17:50 UTC 2025
On Wed, 4 Jun 2025 03:10:29 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
> Update the `PBEKey` class of the SunJCE provider which override the `javax.security.auth.Destroyable` interface to
>
> 1. throw `IllegalStateException` if `getEncoded()` is called after key is destroyed
> 2. serialization of such destroyed `PBEKey` object will lead to exception.
>
> Also update the `PBEKeyFactory` class of the SunJCE provider to check for destroyed keys and throw exceptions per the method javadoc.
src/java.base/share/classes/com/sun/crypto/provider/PBEKey.java line 82:
> 80: }
> 81:
> 82: public byte[] getEncoded() {
I understand this is not a public API class so there is no need to provide `@throws` in the spec. But, on the other hand, do we need to provide one in its super class `java.security.key`? I have no opinion.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/25632#discussion_r2126861948
More information about the security-dev
mailing list