Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115)
Xuelei Fan
xuelei.fan at oracle.com
Fri Nov 23 12:24:27 UTC 2012
On 11/23/2012 8:01 PM, Florian Weimer wrote:
> On 11/23/2012 12:54 PM, Xuelei Fan wrote:
>> On 11/23/2012 7:22 PM, Florian Weimer wrote:
>>> On 11/22/2012 04:00 PM, Xuelei Fan wrote:
>>>> Hi Valerie, Max or Brad,
>>>>
>>>> Can you review the update for JDK-7030966? It is the JSSE part of JEP
>>>> 115.
>>>>
>>>> webrev: http://cr.openjdk.java.net./~xuelei/7030966/webrev.00/
>>>> JEP 115: http://openjdk.java.net/jeps/115
>>>>
>>>> In the update, I have not remove the debug synchronization. I will
>>>> remove them before pushing the changeset.
>>>
>>> Does this add a new memory allocation to every TLS record which is being
>>> processed?
>
>> Not really. We used to use large memory block (Record.maxRecordSize)
>> for every record. The buffer size does not get changed.
>
> I'm referring to this code in
> Authenticator.acquireAuthenticationBytes(). If I'm not mistaken, this
> is called for every record. Previously, the array was directly hashed,
> and after the refactoring, a copy is made and then hashed. Or am I
> missing something?
>
Sorry for my miss-understanding. You are right here. We can return the
array reference without clone. I was too conservative so that I always
want to return copied array for safe coding style.
It's not big problem to me because the array size is only 13 bytes, the
clone should be pretty fast, and the memory footprint should be pretty
small.
Thanks,
Xuelei
More information about the security-dev
mailing list