RFR: 8283577: SSLEngine.unwrap on read-only input ByteBuffer [v2]

Anthony Scarpino ascarpino at openjdk.java.net
Mon May 16 21:11:37 UTC 2022


On Sat, 14 May 2022 03:29:14 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:

>> Hi,
>> 
>> I need a review of this fix to allow a read-only 'src' buffer to be used with SSLEngine.unwrap(). A temporary read-write buffer is created in the SSLCipher operation when a read-only buffer is passed. If the 'src' is read-write, there is no effect on the current operation.
>> 
>> The PR also includes a CSR for an API implementation note to the SSLEngine.unwrap. The 'src' buffer may be modified during the decryption operation. 'unwrap()' has had this behavior forever, so there is no compatibility issue with this note. Using the 'src' buffer for in-place decryption was a performance decision.
>> 
>> Tony
>
> Anthony Scarpino has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains four commits:
> 
>  - review update
>  - update some nits
>  - PR ready
>  - Initial

There is too much grey area.  It says the src buffer may be modified, which one could interpret as meaning it cannot be read-only, but that would still need clarification to explicitly say "no read-only buffers".  And other than this internal 'in-place' crypto reason, there is no API reason to not allow read-only buffers as input.
I did think about closing the CSR as the text was already there about the src buffer, even though it was using a different term.  But I felt strongly enough that I wanted to prevent that confusion in the future.

-------------

PR: https://git.openjdk.java.net/jdk/pull/8462
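As an added illustration, not code from the PR or the JDK, here is a hypothetical caller-side shim in Java that mirrors the approach the fix takes inside SSLCipher: when 'src' is read-only, the remaining bytes are copied into a temporary read-write buffer before unwrap(), and the caller's buffer position is advanced by what the engine consumed. It also documents the point the CSR note makes, that a writable 'src' may be modified in place during decryption. The class and method names are invented for this example.

```java
import java.nio.ByteBuffer;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;

/**
 * Hypothetical shim (example code, not part of the JDK): unwrap TLS records
 * from a 'src' buffer that may be read-only. Application-level equivalent of
 * the temporary read-write buffer the fix creates in SSLCipher, usable on
 * JDKs that predate the fix.
 */
public final class ReadOnlySafeUnwrap {

    private ReadOnlySafeUnwrap() {}

    public static SSLEngineResult unwrap(SSLEngine engine, ByteBuffer src, ByteBuffer dst)
            throws SSLException {
        if (!src.isReadOnly()) {
            // Writable input goes straight to the engine. Per the API note in
            // the CSR, the engine may decrypt in place and overwrite the
            // ciphertext bytes in 'src'; callers must not rely on 'src' still
            // holding the original record afterwards.
            return engine.unwrap(src, dst);
        }
        // Read-only input: copy the remaining bytes into a private writable
        // buffer so in-place decryption has somewhere to write.
        ByteBuffer tmp = ByteBuffer.allocate(src.remaining());
        tmp.put(src.duplicate());   // duplicate() leaves src's position untouched
        tmp.flip();
        SSLEngineResult result = engine.unwrap(tmp, dst);
        // Advance the caller's buffer by exactly what the engine consumed so
        // its view of the ciphertext stream stays consistent with the engine's.
        src.position(src.position() + result.bytesConsumed());
        return result;
    }
}
```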
