On Thu, 13 Apr 2023 22:36:04 GMT, Weijun Wang <wei...@openjdk.org> wrote:

>> src/java.base/share/classes/javax/crypto/KEMSpi.java line 119:
>> 
>>> 117:          * of {@code from} and {@code to} are within the correct range.
>>> 118:          * Therefore an implementation of this method does not need to
>>> 119:          * validate them.
>> 
>> The KEM caller does validate the parameters, but the callers may be 
>> wider than just the KEM. Then, the statement here could be wrong at that 
>> time.
>
> I can rewrite this into something like "The caller of this method must 
> validate..." so it becomes a requirement. We'll make sure the `KEM` class 
> follows it. Any other class that wishes to call it directly must do it as 
> well.

You can make it a required part of the specification. But it is an error-prone 
design.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13256#discussion_r1166196969
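
The concern raised in this thread, as an added example that is not part of the original messages and is not JDK code: when an SPI method is documented as not needing to validate `from` and `to`, any caller that bypasses the validating front end can pass a bad range. The names `SecretSpi`, `engineSlice`, `TrustingImpl`, `DefensiveImpl` and `slice` are hypothetical, and the byte array is constructed sample data.

```java
import java.util.Arrays;
import java.util.Objects;

public class RangeContractDemo {
    // Hypothetical SPI whose contract says "the caller has already validated from/to".
    interface SecretSpi {
        byte[] engineSlice(byte[] secret, int from, int to);
    }

    // Implementation that relies on the contract and performs no checks.
    static final class TrustingImpl implements SecretSpi {
        public byte[] engineSlice(byte[] secret, int from, int to) {
            // Arrays.copyOfRange accepts to > secret.length and pads with zeros.
            return Arrays.copyOfRange(secret, from, to);
        }
    }

    // Implementation that re-validates even though the contract says it need not.
    static final class DefensiveImpl implements SecretSpi {
        public byte[] engineSlice(byte[] secret, int from, int to) {
            Objects.checkFromToIndex(from, to, secret.length);
            return Arrays.copyOfRange(secret, from, to);
        }
    }

    // Front end playing the role of the validating API class.
    static byte[] slice(SecretSpi spi, byte[] secret, int from, int to) {
        Objects.checkFromToIndex(from, to, secret.length);
        return spi.engineSlice(secret, from, to);
    }

    public static void main(String[] args) {
        byte[] secret = new byte[16];
        Arrays.fill(secret, (byte) 0x5A); // constructed 16-byte sample secret

        // Direct SPI call that skips the front end: no exception is thrown,
        // and the result is longer than the secret with an all-zero tail.
        byte[] key = new TrustingImpl().engineSlice(secret, 8, 40);
        boolean zeroTail = key[key.length - 1] == 0;
        System.out.println("direct call: " + key.length + " bytes, zero tail = " + zeroTail);

        // The same range is rejected by the front end and by the defensive SPI.
        for (Runnable call : new Runnable[] {
                () -> slice(new TrustingImpl(), secret, 8, 40),
                () -> new DefensiveImpl().engineSlice(secret, 8, 40) }) {
            try { call.run(); }
            catch (IndexOutOfBoundsException e) { System.out.println("rejected: " + e.getMessage()); }
        }
    }
}
```
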
