On Thu, 28 May 2026 05:25:22 GMT, Anthony Scarpino <[email protected]> wrote:
>> Please review the third preview of the PEM API at >> https://openjdk.org/jeps/8376991. The most significant changes from the >> second preview, JEP 524 (https://openjdk.org/jeps/524), include: >> >> - The `PEM` class is now an ordinary class rather than a record. It adds >> Binary-encoded content constructors and data is defensively copied. >> - The `DEREncodable` interface is renamed to `BinaryEncodable` to more >> accurately reflect the binary data stored in PEM text. >> - In `EncryptedPrivateKeyInfo`, the `encrypt` methods now accept >> `BinaryEncodable`, and the `getKey()` and `getKeyPair()` methods no longer >> include a `Provider` parameter. >> - A new `CryptoException` class indicates failures in cryptographic >> processing at runtime. >> >> thanks >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > Anthony Scarpino has updated the pull request incrementally with one > additional commit since the last revision: > > since updates Some final comments. src/java.base/share/classes/java/security/PEMDecoder.java line 176: > 174: * @return the default {@code PEMDecoder} > 175: * > 176: * @since 25 You can remove the `@since` above since it can be inherited from the class. src/java.base/share/classes/java/security/PEMDecoder.java line 335: > 333: * @throws EOFException if no PEM data is found or the stream ends > unexpectedly > 334: * @throws IllegalArgumentException if decoding fails > 335: * @throws NullPointerException when {@code InputStream} is {@code > null} Other methods use `if ... is null`. src/java.base/share/classes/java/security/PEMDecoder.java line 372: > 370: * {@link java.nio.charset.StandardCharsets#UTF_8 UTF-8}. > 371: * > 372: * @param <S> the requested {@code BinaryEncodable} type The word above is not the same as in `decode(is, tClass)`. src/java.base/share/classes/java/security/PEMDecoder.java line 379: > 377: * @throws IllegalArgumentException on error in decoding or no PEM > data found > 378: * @throws ClassCastException if {@code tClass} does not represent > the PEM type > 379: * @throws NullPointerException when any input values are {@code > null} Other methods use `if ... is null`. src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line 405: > 403: * @throws NullPointerException if {@code be} or {@code password} is > {@code null} > 404: * @throws IllegalArgumentException if {@code be} is an unsupported > 405: * {@code BinaryEncodable} The other overloads have `or has no encoding`. src/java.base/share/classes/sun/security/util/KeyUtil.java line 577: > 575: * in a {@code finally} block before returning or propagating an > exception. > 576: * > 577: * @code encoding} is temporary sensitive data and is always wiped. Add `{`. ------------- PR Review: https://git.openjdk.org/jdk/pull/29640#pullrequestreview-4384181944 PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r3320265429 PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r3320291884 PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r3320287133 PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r3320292659 PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r3320260981 PR Review Comment: https://git.openjdk.org/jdk/pull/29640#discussion_r3320247776
