RFR: 8293779: redundant checking in AESCrypt.makeSessionKey() method [v3]
Xue-Lei Andrew Fan
xuelei at openjdk.org
Wed Sep 14 18:17:00 UTC 2022
On Wed, 14 Sep 2022 17:48:22 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/AESCrypt.java line 605:
>>
>>> 603: */
>>> 604: private void makeSessionKey(byte[] k) throws InvalidKeyException {
>>> 605: int ROUNDS = getRounds(k.length);
>>
>> You could have left the check in here and removed the duplicate check from `init()`. Since the key is not referenced by `init` unless the key is different from the last key, it seems cleaner to leave it here, and I think the check would be invoked fewer times if the same key is reused.
>
> Actually, NM, init still has to call MessageDigest.isEqual so eliminating keys of invalid length before that is probably more efficient.
Good point. Modified to use less checking.
If the key is null, the following condition could bypass the checking, and result in NPE.
` if (!MessageDigest.isEqual(key, lastKey)) {
`
Although it is unlikely to happen as the caller should has already been checked that the key cannot be null, but the code logic here is not that clear to read. In the new patch, I have the null checking in the init() method, and the validity checking in the makeSessionKey() method.
-------------
PR: https://git.openjdk.org/jdk/pull/10263
More information about the security-dev
mailing list