On Sat, 23 Jan 2021 05:09:46 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> keyfactory operations on own keyspec
>
> src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java line
> 116:
>
>> 114: encode();
>> 115: } catch (IOException e) {
>> 116: throw new ProviderException("Cannot produce ASN.1
>> encoding", e);
>
> Supposedly the IOException should never happen? Otherwise the
> Arrays.fill(...) call may not happen. Some throws AssertionError wrapping the
> IOException, just checking to see this is also the case.
No, it should never happen. `DerValue::toByteArray` claims it might throw an
IOE because `DerOutputStream::putLength` claims so, but you can see the latter
never throws one. I thought about removing those `throws IOE` but there are too
many. We can do it in another code change.
> src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java line
> 133:
>
>> 131: out.putInteger(1); // version 1
>> 132: out.putOctetString(sOctets);
>> 133: Arrays.fill(sOctets, (byte)0);
>
> The same handling should apply to line 106 above inside makeEncoding(byte[])?
I'll take a look. The test does not show it. Maybe because of the reversing?
-------------
PR: https://git.openjdk.java.net/jdk/pull/2070
