RFR: 8360564: Implement JEP 524: PEM Encodings of Cryptographic Objects (Second Preview) [v4]
Anthony Scarpino
ascarpino at openjdk.org
Mon Oct 20 18:56:15 UTC 2025
On Wed, 15 Oct 2025 15:02:00 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Ok, I can reword RuntimeException somewhat, but it really is summed up by `Cipher.doFinal()` throwing an error, so an actual "encryption error".
>
> What I mean is that it is very rare for an API to be specified to throw a `RuntimeException`. It is typically a subclass. Also, I know the PEM API is more geared towards throwing unchecked exceptions, but this is an existing lower-level class that already throws checked exceptions when things go wrong, so it does feel to me a bit inconsistent to be throwing runtime exceptions when crypto operations fail in the new methods.
>
> Consider having another look at the way errors are treated in the next API update.
If I remember correctly, in the preview 1 code review this was `GeneralSecurityException` and there was a comment to change it. I'm happy to go back to GSE.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27147#discussion_r2438116809
More information about the security-dev
mailing list