On Thu, 31 Oct 2024 01:44:32 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> I'm not sure if it was exclusively a Security Manager exception, but >> @seanjmullan had said previously that `SecurityException` was used elsewhere. > > It was used when `JarInputStream::read` encountered a wrong hash or > signature. But, it was mainly used for permission violation. We should not be using `SecurityException` for any new APIs right now until its fate is decided. I think we should throw a checked exception here (whatever the underlying Cipher throws), as it would be more consistent with the other methods in this API. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r2079757579
