RFR: 8244336: Restrict algorithms at JCE layer [v9]

Valerie Peng valeriep at openjdk.org
Thu Sep 4 00:32:47 UTC 2025


On Wed, 3 Sep 2025 21:12:50 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> Well, it's not necessarily NSAE, e.g. `java.security.KeyStore` class throws `KeyStoreException`. Maybe just state "An exception will be thrown if the algorithm is disabled"?
>
> Ah, right. I think I would prefer if we state the actual exception thrown, even if it's a bit longer. So how about: "If the algorithm is disabled, a NoSuchAlgorithmException will be thrown by the getInstance methods of Cipher, MessageDigest, and Signature and a KeyStoreException by the getInstance methods of KeyStore."

Ok, I will add it.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2320527177


More information about the security-dev mailing list