RFR: 8258915: Temporary buffer cleanup [v4]
Weijun Wang
weijun at openjdk.java.net
Sat Jan 23 16:18:40 UTC 2021
On Sat, 23 Jan 2021 05:09:46 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>>
>> keyfactory operations on own keyspec
>
> src/java.base/share/classes/com/sun/crypto/provider/DHPrivateKey.java line 116:
>
>> 114: encode();
>> 115: } catch (IOException e) {
>> 116: throw new ProviderException("Cannot produce ASN.1 encoding", e);
>
> Supposedly the IOException should never happen? Otherwise the Arrays.fill(...) call may not happen. Some throws AssertionError wrapping the IOException, just checking to see this is also the case.
No, it should never happen. `DerValue::toByteArray` claims it might throw an IOE because `DerOutputStream::putLength` claims so, but you can see the latter never throws one. I thought about removing those `throws IOE` but there are too many. We can do it in another code change.
> src/jdk.crypto.ec/share/classes/sun/security/ec/ECPrivateKeyImpl.java line 133:
>
>> 131: out.putInteger(1); // version 1
>> 132: out.putOctetString(sOctets);
>> 133: Arrays.fill(sOctets, (byte)0);
>
> The same handling should apply to line 106 above inside makeEncoding(byte[])?
I'll take a look. The test does not show it. Maybe because of the reversing?
-------------
PR: https://git.openjdk.java.net/jdk/pull/2070
More information about the security-dev
mailing list