Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115)
Xuelei Fan
xuelei.fan at oracle.com
Fri Nov 23 11:54:48 UTC 2012
On 11/23/2012 7:22 PM, Florian Weimer wrote:
> On 11/22/2012 04:00 PM, Xuelei Fan wrote:
>> Hi Valerie, Max or Brad,
>>
>> Can you review the update for JDK-7030966? It is the JSSE part of JEP
>> 115.
>>
>> webrev: http://cr.openjdk.java.net./~xuelei/7030966/webrev.00/
>> JEP 115: http://openjdk.java.net/jeps/115
>>
>> In the update, I have not remove the debug synchronization. I will
>> remove them before pushing the changeset.
>
> Does this add a new memory allocation to every TLS record which is being
> processed?
Not really. We used to use large memory block (Record.maxRecordSize)
for every record. The buffer size does not get changed.
In the future, we may consider to use size-adjustable small records.
>
> I believe the comment in Authenticator should read:
>
> * This interface represents an SSL/TLS message authentication token,
> * which encapsulates a sequence number and ensures that attempts to
> * delete or reorder messages can be detected.
>
> Quotes from the RFC should probable marked as such.
>
Thanks for the word-smithing. It really helps a lot to me.
Thanks,
Xuelei
More information about the security-dev
mailing list