Code Review Request, 8221253: TLSv1.3 may generate TLSInnerPlainText longer than 2^14+1 bytes

Xuelei Fan xuelei.fan at oracle.com
Fri May 10 16:30:16 UTC 2019


Hi Jamil,

Thank you for the review.

On 5/10/2019 9:22 AM, Jamil Nimeh wrote:
> This looks good to me.  One question, more for my curiosity than 
> anything else: Is the way you loaded the appData array in the test code 
> done for any specific reason?  Or did you just want to make sure you had 
> printable ASCII that wasn't all just the same character, so it looked 
> "random-ish"?
> 
I used the printable ASCII bytes for debug log checking.  It is easier 
to analysis the SSL record log with printable code.

Thanks,
Xuelei

> --Jamil
> 
> On 5/9/2019 1:28 PM, Xuelei Fan wrote:
>> Hi,
>>
>> Could I get the following update reviewed?
>>
>>    http://cr.openjdk.java.net/~xuelei/8221253/webrev.00/
>>
>> Because of the padding impact, the TLS 1.3 record in the JDK Reference 
>> implementation could exceed the limit.  It is not the expected behavior.
>>
>> Thanks,
>> Xuelei
> 



More information about the security-dev mailing list