Description of changes:
Some customers have noticed that passing in a negative length to hash update functions results in an java.lang.OutOfMemoryError instead of an IndexOutOfBoundsException. To more closely match the behavior of other Java Crypto Providers, this PR updates ACCP to return an IndexOutOfBoundsException.
Issue #, if available: P129094931
Description of changes: Some customers have noticed that passing in a negative length to hash update functions results in an
java.lang.OutOfMemoryErrorinstead of anIndexOutOfBoundsException. To more closely match the behavior of other Java Crypto Providers, this PR updates ACCP to return anIndexOutOfBoundsException.Separately, this PR also updates ACCP to never throw
java.lang.OutOfMemoryError, and instead throw anIllegalArgumentException. In Java, Errors are unrecoverable in almost all circumstances (such as the JVM itself running out of memory) and should usually never be caught by applications, while Exceptions can almost always be caught by applications, logged, and allow applications to resume operations as normal. Applications that pass in invalid arguments should receive a standard Java Exception so that they can catch the issue and log it, and not think that the JVM is crashing.By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.