On Wed, 3 Jan 2024 20:41:06 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> `KEM.getInstance` now checks if the implementation is from a signed provider > if it's not builtin to JDK. > > Several adjustments to the test: > 1. Put one impl in `SunEC` to pretend it's builtin. This is necessary to test > for provider selection. > 2. When there is no need to choose a provider, use reflection to create a > `KEM` object that bypasses the `getInstance` call. This pull request has now been integrated. Changeset: 9fd855ed Author: Weijun Wang <wei...@openjdk.org> URL: https://git.openjdk.org/jdk/commit/9fd855ed477bb0849ce5c774854844deec0f4c6b Stats: 119 lines in 4 files changed: 74 ins; 29 del; 16 mod 8322971: KEM.getInstance() should check if a 3rd-party security provider is signed Reviewed-by: mullan, valeriep ------------- PR: https://git.openjdk.org/jdk/pull/17253
