Mercurial > hg > openjdk > jdk9 > jdk
changeset 17190:6435d673ea25
8180635: (doc) Clarify the compatibility and interoperability issue when using provider default values
Summary: updated the javadoc of KeyPairGenerator, KeyGenerator, AlgorithmParameterGenerator and their Spi classes
Reviewed-by: mullan
author | valeriep |
---|---|
date | Thu, 01 Jun 2017 03:26:30 +0000 |
parents | 02bd39544ff1 |
children | 1f820f4aff3e |
files | src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java src/java.base/share/classes/java/security/AlgorithmParameterGeneratorSpi.java src/java.base/share/classes/java/security/KeyPairGenerator.java src/java.base/share/classes/java/security/KeyPairGeneratorSpi.java src/java.base/share/classes/javax/crypto/KeyGenerator.java src/java.base/share/classes/javax/crypto/KeyGeneratorSpi.java |
diffstat | 6 files changed, 63 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java Wed May 31 19:54:16 2017 -0700 +++ b/src/java.base/share/classes/java/security/AlgorithmParameterGenerator.java Thu Jun 01 03:26:30 2017 +0000 @@ -61,11 +61,17 @@ * </ul> * * <P>In case the client does not explicitly initialize the - * AlgorithmParameterGenerator - * (via a call to an {@code init} method), each provider must supply (and - * document) a default initialization. For example, the Sun provider uses a - * default modulus prime size of 1024 bits for the generation of DSA - * parameters. + * AlgorithmParameterGenerator (via a call to an {@code init} method), + * each provider must supply (and document) a default initialization. + * See the Keysize Restriction sections of the + * <a href="{@docRoot}/../technotes/guides/security/SunProviders.html"> + * JDK Providers</a> + * document for information on the AlgorithmParameterGenerator defaults + * used by JDK providers. + * However, note that defaults may vary across different providers. + * Additionally, the default value for a provider may change in a future + * version. Therefore, it is recommended to explicitly initialize the + * AlgorithmParameterGenerator instead of relying on provider-specific defaults. * * <p> Every implementation of the Java platform is required to support the * following standard {@code AlgorithmParameterGenerator} algorithms and
--- a/src/java.base/share/classes/java/security/AlgorithmParameterGeneratorSpi.java Wed May 31 19:54:16 2017 -0700 +++ b/src/java.base/share/classes/java/security/AlgorithmParameterGeneratorSpi.java Thu Jun 01 03:26:30 2017 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -39,8 +39,15 @@ * <p> In case the client does not explicitly initialize the * AlgorithmParameterGenerator (via a call to an {@code engineInit} * method), each provider must supply (and document) a default initialization. - * For example, the Sun provider uses a default modulus prime size of 1024 - * bits for the generation of DSA parameters. + * See the Keysize Restriction sections of the + * <a href="{@docRoot}/../technotes/guides/security/SunProviders.html"> + * JDK Providers</a> + * document for information on the AlgorithmParameterGenerator defaults + * used by JDK providers. + * However, note that defaults may vary across different providers. + * Additionally, the default value for a provider may change in a future + * version. Therefore, it is recommended to explicitly initialize the + * AlgorithmParameterGenerator instead of relying on provider-specific defaults. * * @author Jan Luehe *
--- a/src/java.base/share/classes/java/security/KeyPairGenerator.java Wed May 31 19:54:16 2017 -0700 +++ b/src/java.base/share/classes/java/security/KeyPairGenerator.java Thu Jun 01 03:26:30 2017 +0000 @@ -95,8 +95,15 @@ * <p>In case the client does not explicitly initialize the KeyPairGenerator * (via a call to an {@code initialize} method), each provider must * supply (and document) a default initialization. - * For example, the <i>Sun</i> provider uses a default modulus size (keysize) - * of 1024 bits for DSA key pairs. + * See the Keysize Restriction sections of the + * <a href="{@docRoot}/../technotes/guides/security/SunProviders.html"> + * JDK Providers</a> + * document for information on the KeyPairGenerator defaults used by + * JDK providers. + * However, note that defaults may vary across different providers. + * Additionally, the default value for a provider may change in a future + * version. Therefore, it is recommended to explicitly initialize the + * KeyPairGenerator instead of relying on provider-specific defaults. * * <p>Note that this class is abstract and extends from * {@code KeyPairGeneratorSpi} for historical reasons.
--- a/src/java.base/share/classes/java/security/KeyPairGeneratorSpi.java Wed May 31 19:54:16 2017 -0700 +++ b/src/java.base/share/classes/java/security/KeyPairGeneratorSpi.java Thu Jun 01 03:26:30 2017 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -39,8 +39,15 @@ * <p> In case the client does not explicitly initialize the KeyPairGenerator * (via a call to an {@code initialize} method), each provider must * supply (and document) a default initialization. - * For example, the <i>Sun</i> provider uses a default modulus size (keysize) - * of 1024 bits. + * See the Keysize Restriction sections of the + * <a href="{@docRoot}/../technotes/guides/security/SunProviders.html"> + * JDK Providers</a> + * document for information on the KeyPairGenerator defaults used by + * JDK providers. + * However, note that defaults may vary across different providers. + * Additionally, the default value for a provider may change in a future + * version. Therefore, it is recommended to explicitly initialize the + * KeyPairGenerator instead of relying on provider-specific defaults. * * @author Benjamin Renaud * @since 1.2
--- a/src/java.base/share/classes/javax/crypto/KeyGenerator.java Wed May 31 19:54:16 2017 -0700 +++ b/src/java.base/share/classes/javax/crypto/KeyGenerator.java Thu Jun 01 03:26:30 2017 +0000 @@ -83,6 +83,15 @@ * <p>In case the client does not explicitly initialize the KeyGenerator * (via a call to an {@code init} method), each provider must * supply (and document) a default initialization. + * See the Keysize Restriction sections of the + * <a href="{@docRoot}/../technotes/guides/security/SunProviders.html"> + * JDK Providers</a> + * document for information on the KeyGenerator defaults used by + * JDK providers. + * However, note that defaults may vary across different providers. + * Additionally, the default value for a provider may change in a future + * version. Therefore, it is recommended to explicitly initialize the + * KeyGenerator instead of relying on provider-specific defaults. * * <p> Every implementation of the Java platform is required to support the * following standard {@code KeyGenerator} algorithms with the keysizes in
--- a/src/java.base/share/classes/javax/crypto/KeyGeneratorSpi.java Wed May 31 19:54:16 2017 -0700 +++ b/src/java.base/share/classes/javax/crypto/KeyGeneratorSpi.java Thu Jun 01 03:26:30 2017 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -35,6 +35,19 @@ * cryptographic service provider who wishes to supply the implementation * of a key generator for a particular algorithm. * + * <p>In case the client does not explicitly initialize the KeyGenerator + * (via a call to an {@code init} method), each provider must + * supply (and document) a default initialization. + * See the Keysize Restriction sections of the + * <a href="{@docRoot}/../technotes/guides/security/SunProviders.html"> + * JDK Providers</a> + * document for information on the KeyGenerator defaults used by + * JDK providers. + * However, note that defaults may vary across different providers. + * Additionally, the default value for a provider may change in a future + * version. Therefore, it is recommended to explicitly initialize the + * KeyGenerator instead of relying on provider-specific defaults. + * * @author Jan Luehe * * @see SecretKey