On Thu, 17 Apr 2025 22:59:49 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Martin Balao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Inform key sizes in the exception when failing check. > > src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java > line 605: > >> 603: } >> 604: } >> 605: } > > Hmm, how about separating out AES, RC4, Blowfish and ChaCha20 to a separate > case? Only DES and DES3 needs parity checking and they are very legacy. We would need to repeat code if we separate (invocation to `P11KeyGenerator::checkKeySize`). Does not look complex enough in my opinion to merit this split. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/24526#discussion_r2051055130
