[15] RFR JDK-8246077: Cloneable test in HmacCore seems questionable
Valerie Peng
valerie.peng at oracle.com
Thu Jun 4 00:09:44 UTC 2020
Hi,
Anyone can help review this fix? I changed
com.sun.crypto.provider.HmacCore class and
sun.security.ssl.HandshakeHash class to check for cloneability based on
the clone() call instead of the Cloneable interface. Noticed a bug in
sun.security.provider.DigestBase class which misses to reset the
temporary buffer when cloning and fixed it here as well.
Lastly, I also made changes to java.security.MessageDigest and
java.security.Signature classes and attempt to match the Delegate
wrapper with the underlying spi object, i.e. if the spi implements
Cloneable and then Delegate wrapper also implements Cloneable. This part
is mostly for non-JDK callers which rely on the instanceof Cloneable
check for cloneability. However, for Signature class, if the object is
requested using Signature.getInstance(String), then we can't do matching
here since the underlying spi is not yet determined at this time. The 3
TestCloneable.java tests are for testing this last part and is NOT for
the HmacCore and HandshakeHash changes. I am on the fence about this
part and am open to leave this out if minimum fix is preferred.
Bug: https://bugs.openjdk.java.net/browse/JDK-8246077
Webrev: http://cr.openjdk.java.net/~valeriep/8246077/webrev.00/
Thanks,
Valerie
More information about the security-dev
mailing list