RFR: 8293779: redundant checking in AESCrypt.makeSessionKey() method [v2]
Sean Mullan
mullan at openjdk.org
Wed Sep 14 17:51:02 UTC 2022
On Wed, 14 Sep 2022 17:36:50 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Xue-Lei Andrew Fan has updated the pull request incrementally with two additional commits since the last revision:
>>
>> - remove unused throws in comment
>> - remove unused throws
>
> src/java.base/share/classes/com/sun/crypto/provider/AESCrypt.java line 605:
>
>> 603: */
>> 604: private void makeSessionKey(byte[] k) throws InvalidKeyException {
>> 605: int ROUNDS = getRounds(k.length);
>
> You could have left the check in here and removed the duplicate check from `init()`. Since the key is not referenced by `init` unless the key is different from the last key, it seems cleaner to leave it here, and I think the check would be invoked fewer times if the same key is reused.
Actually, NM, init still has to call MessageDigest.isEqual so eliminating keys of invalid length before that is probably more efficient.
-------------
PR: https://git.openjdk.org/jdk/pull/10263
More information about the security-dev
mailing list