On Thu, 29 Jan 2026 20:45:12 GMT, Weijun Wang <[email protected]> wrote:
>> src/java.base/share/classes/sun/security/pkcs/NamedPKCS8Key.java line 68: >> >>> 66: /// >>> 67: /// A `NamedPKCS8Key`, when created, must include `expanded` if >>> required, its >>> 68: /// `privKeyMaterial` must have already been validated for internal >>> consistency. >> >> I don't understand this sentence - maybe should be two sentences? > > I can break it into 2 sentences. Basically, it means after this key has been > created, the `expanded` and `privKeyMaterial` fields have already been > checked for consistency so users don't need to check anymore. How about this? /// If the `expanded` field is required by the algorithm, it is either /// [calculated from the PKCS #8 encoding][#NamedPKCS8Key(String, byte[], Expander)], /// or [provided directly][#NamedPKCS8Key(String, String, byte[], byte[])]. /// In the latter case, the caller must ensure the consistency of the `encoded` /// and `expanded` arguments. For example, seed and expanded key should match. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/24969#discussion_r2743564211
