RFR: 8283577: SSLEngine.unwrap on read-only input ByteBuffer

Anthony Scarpino ascarpino at openjdk.java.net
Fri Apr 29 19:23:25 UTC 2022


Hi,

I need a review of this fix to allow a read-only 'src' buffer to be used with SSLEngine.unwrap(). A temporary read-write buffer is created in the SSLCipher operation when a read-only buffer is passed. If the 'src' is read-write, there is no effect on the current operation

The PR also includes a CSR for an API implementation note to the SSLEngine.unwrap. The 'src' buffer may be modified during the decryption operation. 'unwrap()' has had this behavior forever, so there is no compatibility issue with this note. Using the 'src' buffer for in-place decryption was a performance decision.

Tony

-------------

Commit messages:
 - update some nits
 - PR ready
 - Initial

Changes: https://git.openjdk.java.net/jdk/pull/8462/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=8462&range=00
  Issue: https://bugs.openjdk.java.net/browse/JDK-8283577
  Stats: 401 lines in 3 files changed: 301 ins; 20 del; 80 mod
  Patch: https://git.openjdk.java.net/jdk/pull/8462.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/8462/head:pull/8462

PR: https://git.openjdk.java.net/jdk/pull/8462


More information about the security-dev mailing list