RFR: 8360564: Implement JEP 524: PEM Encodings of Cryptographic Objects (Second Preview) [v6]
Anthony Scarpino
ascarpino at openjdk.org
Wed Oct 15 17:12:30 UTC 2025
On Wed, 15 Oct 2025 12:56:04 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>>
>> updates
>
> src/java.base/share/classes/java/security/PEMDecoder.java line 399:
>
>> 397: * end of the {@code InputStream}
>> 398: * @throws IllegalArgumentException on error in decoding
>> 399: * @throws ClassCastException if {@code tClass} does not represent the PEM type
>
> It's a little odd this throws a `ClassCastException`. This seems more like an `IllegalArgumentException` to me because you are passing in the wrong type.
@wangweij pushed for CCE instead of IAE. It is a valid argument, but cannot be cast to that object. I think one can make a case for both exception types, but CCE was a bit stronger.
> src/java.base/share/classes/java/security/PEMEncoder.java line 326:
>
>> 324: if (privateEncoding == null) {
>> 325: throw new IllegalArgumentException("This DEREncodable cannot " +
>> 326: "be encrypted.");
>
> It seems you could move this check earlier when you check if `keyspec` is not null.
buildKey is now reworked from a bug
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2433371104
PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2430763698
More information about the security-dev
mailing list