RFR: 8255557: Decouple GCM from CipherCore [v2]

Valerie Peng valeriep at openjdk.java.net
Mon May 24 18:22:48 UTC 2021


On Mon, 24 May 2021 16:34:51 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:

>> src/java.base/share/classes/com/sun/crypto/provider/GCTR.java line 203:
>> 
>>> 201:         // allocating and copying for direct bytebuffers
>>> 202:         if (!src.isDirect() && !dst.isDirect() &&
>>> 203:             !src.isReadOnly() && !dst.isReadOnly()) {
>> 
>> Why do we need to check for src being isReadOnly() since we are not writing bytes into src? As for dst, if it's read only, then we should probably not proceed further? The other update method which takes ByteBuffer dst did not check if it's read only. A bit inconsistent?
>
> src.array() throws an exception if it's read only

Other files seem to use src.hasArray() call which also checked for read only. Maybe that's what you meant to use?

>> src/java.base/share/classes/com/sun/crypto/provider/GCTR.java line 283:
>> 
>>> 281:         // allocating and copying for direct bytebuffers
>>> 282:         if (!src.isDirect() && !dst.isDirect() &&
>>> 283:             !src.isReadOnly() && !dst.isReadOnly()) {
>> 
>> Same question regarding the isReadOnly() calls as in the update(ByteBuffer, ByteBuffer) method.
>
> src.array() throws an exception if it's read only

Same, meant to use src.hasArray()?

-------------

PR: https://git.openjdk.java.net/jdk/pull/4072


More information about the security-dev mailing list