On Tue, 16 Sep 2025 23:03:00 GMT, Mark Powers <[email protected]> wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232) > > Mark Powers has updated the pull request incrementally with one additional > commit since the last revision: > > a few more comments src/java.base/share/classes/com/sun/crypto/provider/PBMAC1Parameters.java line 173: > 171: if (keyLength > 0) { > 172: pBKDF2_params.putInteger(keyLength / 8); // derived key > length (in octets) > 173: } I think `keyLength` is a MUST here. Maybe this should instead check if `keyLength` is `<= 0`, and if so, throw an exception. Then proceed to encode `keyLength` unconditionally. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2356839298
