On Wed, 9 Jun 2021 20:55:42 GMT, Jack Hartstein
<github.com+44308314+jackh2...@openjdk.org> wrote:
>> src/java.base/share/classes/javax/crypto/spec/RC5ParameterSpec.java line 39:
>>
>>> 37: *
>>> 38: * <p> This class can be used to initialize a {@code Cipher} object that
>>> 39: * implements the <i>RC5</i> algorithm as specified in <a
>>> href="https://datatracker.ietf.org/doc/html/rfc2040";>RFC 2040</a>.
>>
>> Try to keep lines to <= 80 chars. Maybe break after "in"
>
> Fixed. I'll check on the CSR.
This class already references RFC 2040 (see line 32) so on that basis a CSR for
this specific change is probably not required.
But the "RC5" algorithm is listed as a standard algorithm in the Java Security
Standard Algorithm Names specification but the definition does not reference
RFC 2040:
https://docs.oracle.com/en/java/javase/16/docs/specs/security/standard-names.html#cipher-algorithm-names
Instead it has this description: "Variable-key-size encryption algorithms
developed by Ron Rivest for RSA Data Security, Inc.". That definition is
somewhat dated and I think we should just replace this with "The RC5 algorithm
as specified in RFC 2040" to match what you have in the javadoc. But that type
of change probably requires a CSR since it would be modifying that
specification.
I think you could either tackle that change as part of this, or file a
follow-on issue to update the RC5 algorithm in the Standard Algorithm Names
specification.
-------------
PR: https://git.openjdk.java.net/jdk/pull/4443
