RFR: 8283577: SSLEngine.unwrap on read-only input ByteBuffer
Bradford Wetmore
wetmore at openjdk.java.net
Thu May 12 22:18:11 UTC 2022
On Wed, 11 May 2022 23:03:27 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> test/jdk/javax/net/ssl/SSLSession/ReadOnlyEngine.java line 172:
>>
>>> 170: out.clear();
>>> 171: String testString = "ASDF";
>>> 172: in.put(testString.getBytes()).flip();
>>
>> If you're going to convert back from UTF_8 later, you should probably convert using getBytes(UTF_8) here.
>
> setting the input to UTF8 isn't a concern. The latter line to decode it changes it from using the ByteBuffer.toString() to the contents of the ByteBuffer in a String.
You could use the default charsets for encoding and decoding. i.e.
in.clear();
receive(server, out.asReadOnlyBuffer(), in);
byte[] ba = new byte[in.remaining()];
in.get(ba);
String testResult = new String(ba);
-------------
PR: https://git.openjdk.java.net/jdk/pull/8462
More information about the security-dev
mailing list