RFR: 8193892: Impact of noncloneable MessageDigest implementation

Brad Wetmore bradford.wetmore at oracle.com
Fri Feb 23 20:14:27 UTC 2018 

Minor comments.  I'm ok with leaving as is, but this seems cleaner.

MyProvider.java
---------------
Would prefer to use the non-deprecated super call.

*Digest.java
------------
Would you consider making these 3 duplicate classes into a single class, 
with the three public derived classes within?  And then update the 
MyProvider entries with DigestBase${MD5,SHA,SHA256}.  i.e.

import java.security.*;

class DigestBase extends MessageDigestSpi {

     private MessageDigest digest = null;

     public DigestBase(String alg, String provider) throws Exception {
         digest = MessageDigest.getInstance(alg, provider);
     }

     @Override
     protected void engineUpdate(byte input) {
         digest.update(input);
     }

     @Override
     protected void engineUpdate(byte[] input, int offset, int len) {
         digest.update(input, offset, len);
     }

     @Override
     protected byte[] engineDigest() {
         return digest.digest();
     }

     @Override
     protected void engineReset() {
         digest.reset();
     }

     public static final class MD5 extends DigestBase {
         public MD5() throws Exception {
             super("MD5", "SUN");
         }
     }

     public static final class SHA extends DigestBase {
         public SHA() throws Exception {
             super("SHA", "SUN");
         }
     }

     public static final class SHA256 extends DigestBase {
         public SHA256() throws Exception {
             super("SHA-256", "SUN");
         }
     }
}

Thanks, sorry for the delay.

Brad



On 2/15/2018 7:40 AM, Xuelei Fan wrote:
> Looks fine to me.  Thanks!
> 
> Xuelei
> 
> On 2/15/2018 1:04 AM, Seán Coffey wrote:
>> A reminder for this review..
>>
>> regards,
>> Sean.
>>
>>
>> On 09/02/2018 16:25, Seán Coffey wrote:
>>> Looking to push a new test which helps test CloneableDigest code. 
>>> It's something that arose during JDK-8193683 fix.
>>>
>>> The test was contributed by Brad Wetmore. I've converted it to use 
>>> the SSLSocketTemplate.
>>>
>>> JBS : https://bugs.openjdk.java.net/browse/JDK-8193892
>>> webrev : http://cr.openjdk.java.net/~coffeys/webrev.8193892/webrev/
>>>
>>

More information about the security-dev mailing list