Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8201756: Improve cipher inputs
authorapetcher
Mon, 23 Apr 2018 12:01:46 -0400
changeset 52160 2de3d2f1df39
parent 52159 42244a052fbb
child 52161 f1b6c4079be0
8201756: Improve cipher inputs Summary: Clarify spec of CipherInputStream in Javadoc comments Reviewed-by: ascarpino
src/java.base/share/classes/javax/crypto/CipherInputStream.java file | annotate | diff | comparison | revisions 
--- a/src/java.base/share/classes/javax/crypto/CipherInputStream.java	Tue Apr 17 15:55:49 2018 +0800
+++ b/src/java.base/share/classes/javax/crypto/CipherInputStream.java	Mon Apr 23 12:01:46 2018 -0400
@@ -50,6 +50,13 @@
  * that are not thrown by its ancestor classes.  In particular, the
  * <code>skip</code> method skips, and the <code>available</code>
  * method counts only data that have been processed by the encapsulated Cipher.
+ * This class may catch BadPaddingException and other exceptions thrown by
+ * failed integrity checks during decryption. These exceptions are not
+ * re-thrown, so the client may not be informed that integrity checks
+ * failed. Because of this behavior, this class may not be suitable
+ * for use with decryption in an authenticated mode of operation (e.g. GCM).
+ * Applications that require authenticated encryption can use the Cipher API
+ * directly as an alternative to using this class.
  *
  * <p> It is crucial for a programmer using this class not to use
  * methods that are not defined or overridden in this class (such as a
jdk-sandbox