Code Review Request for 7146728 and 7130959
Valerie (Yu-Ching) Peng
valerie.peng at oracle.com
Fri Mar 9 20:57:50 UTC 2012
Ok, more comments/changes added as suggested.
Webrev updated at:
http://cr.openjdk.java.net/~valeriep/7146728/webrev.02/
Thanks,
Valerie
On 03/08/12 17:15, Brad Wetmore wrote:
>
> >> DHKeyAgreement:
> >> ===============
>
> > I added more comments to both code blocks to explain what's going on.
>
> A couple more requested comments.
>
> Around line 299, could please add that the sign bit is always 0.
>
> Around line 303, could you put in a comment that since there is enough
> room here for the sign bit in this array, it just becomes a leading zero.
>
>> Good point, I modified the engineGenerateSecret() to leverage
>> engineGenerateSecret(byte[], int) method.
>
> Great, thanks!
>
>>> P11KeyAgreement.java
>>> ====================
>>>
>>> // Solaris
>>>
>>> Shouldn't this be "// Solaris/NSS", for the case in which there isn't
>>> a leading zero?
>> Well, I think putting NSS in both places seems somewhat confusing. What
>> I tried to point out is that NSS (at least in the older versions, I have
>> not tried the newer version to see if they switched behavior) trims off
>> the leading 0s whenever possible. I've made some modification hoping to
>> make it clearer.
>
> Much better, thanks!
>
> Minor nit (take or leave) you could adjust the logic around 208 to
> only create newSecret if secret.length < secretLen.
>
> if (secret.length > secretLen) {
> throw new ProviderException(...
> }
> byte [] newSecret = new byte[secretLen];
> System.arraycopy(...);
> return newSecret;
>
>>
>
>>> TestShort.java
>>> ==============
>>> New bugid
>>>
>>> @bug 4942494 7146728
>> Done.
>>
>>> Indention problem around the try.
>> Fixed.
>
> Thanks for taking out the commented out code, I almost mentioned it
> and then didn't.
>
> Brad
More information about the security-dev
mailing list