Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115) (original) (raw)
Bradford Wetmore bradford.wetmore at oracle.com
Sat Jan 19 08:09:18 UTC 2013
- Previous message (by thread): Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115)
- Next message (by thread): Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
EngineOutputRecord.java ======================= 294/296: Another great comment. I might suggest reversing the comments so that the comment about AEAD is in the AEAD arm, and CBC is outside.
I'm not sure I catch your ideas. ;-) Would you please show me the code? Just a simple reversal of the lines so that the code you're talking about is contained in the block that handles it: if (!writeCipher.isAEADMode()) { // DON'T encrypt the nonceexplicit for AEAD mode dstBB.position(dstPos + headerSize); } // The explicit IV in TLS 1.1 and later can be encrypted. Hope that's clearer. Looks like my logic is correct. If the cipher is not AEAD mode, the explicit IV can be encrypted; (otherwise) if the cipher is AEAD mode, don't encrypt the nonceexplicit. if (!writeCipher.isAEADMode()) { // The explicit IV in TLS 1.1 and later can be encrypted. dstBB.position(dstPos + headerSize); } // Otherwise, DON'T encrypt the nonceexplicit for AEAD mode
Good grief. I obviously need more sleep. My apologies. :(
Brad
- Previous message (by thread): Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115)
- Next message (by thread): Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]