RFR: 8298420: PEM API: Implementation (Preview) [v17]

Krushna948 duke at openjdk.org
Tue May 13 15:26:13 UTC 2025 

On Sun, 11 May 2025 19:02:55 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:

>> Hi all,
>> 
>> I need a code review of the PEM API.  Privacy-Enhanced Mail (PEM) is a format for encoding and decoding cryptographic keys and certificates.  It will be integrated into JDK24 as a Preview Feature.  Preview features does not permanently define the API and it is subject to change in future releases until it is finalized.
>> 
>> Details about this change can be seen at [PEM API JEP](https://bugs.openjdk.org/browse/JDK-8300911).
>> 
>> Thanks
>> 
>> Tony
>
> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
> 
>   comments on the 11th

src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 369:

> 367:         PBEKeySpec keySpec = new PBEKeySpec(password);
> 368:         SecretKey skey;
> 369:         Objects.requireNonNull(key);

@throws NullPointerException if the key or password are null.
But when password null case looks not handled?

src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 451:

> 449:      * @throws RuntimeException on an encryption errors.  The cause may include
> 450:      * IllegalBlockSizeException, BadPaddingException, or InvalidKeyException.
> 451:      * @throws NullPointerException if the key or password are null. Also, if

@throws NullPointerException if the key or password are null.
Here it supposed to be -  throws NullPointerException if the key or enckey are null.?

src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 548:

> 546:      * @throws InvalidKeyException if an error occurs during parsing of the
> 547:      * encrypted data or creation of the key object.
> 548:      *

Do we need to specify the RuntimeException cases in this documentation?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r2086134022
PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r2086145774
PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r2086163702

More information about the security-dev mailing list