Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115) (original) (raw)
Xuelei Fan xuelei.fan at oracle.com
Sun Jan 20 02:31:30 UTC 2013
- Previous message (by thread): Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115)
- Next message (by thread): hg: jdk8/tl/langtools: 8006561: Langtools test failure: missing diags/examples
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
webrev: http://cr.openjdk.java.net./~xuelei/7030966/webrev.03/
A significant update of CipherBox.java.
We are not able to know whether a cipher for a particular key size is available or not until the cipher is successfully initialized. For example, we can get instance for "AES/GCM/NoPadding". But we don't known whether the instance can work with AES-128 or AES-256 or not unless we the Cipher.init() is called.
In the past, when a CipherBox is constructed, the cipher is always initialized. However, for AEAD ciphers, we cannot initialized the cipher in the constructor. We need an additional method to tell whether a CipherBox is available or not for AEAD ciphers. The CipherSuite.BulkCipher.isAvailable() will use this method to test the availability of a cipher suites.
Thanks, Xuelei -------------- next part -------------- /* * Is this cipher available? * * This method can only be called by CipherSuite.BulkCipher.isAvailable() * to test the availability of a cipher suites. Please DON'T use it in * other places, otherwise, the behavior may be unexpected because we may * initialize AEAD cipher improperly in the method. */ Boolean isAvailable() { // We won't know whether a cipher for a particular key size is // available until the cipher is successfully initialized. // // We do not initialize AEAD cipher in the constructor. Need to // initialize the cipher to ensure that the AEAD mode for a // particular key size is supported. if (cipherType == AEAD_CIPHER) { try { Authenticator authenticator = new Authenticator(protocolVersion); byte[] nonce = authenticator.sequenceNumber(); byte[] iv = Arrays.copyOf(fixedIv, fixedIv.length + nonce.length); System.arraycopy(nonce, 0, iv, fixedIv.length, nonce.length); GCMParameterSpec spec = new GCMParameterSpec(tagSize * 8, iv);
cipher.init(mode, key, spec, random);
} catch (Exception e) {
return Boolean.FALSE;
}
} // Otherwise, we have initialized the cipher in the constructor.
return Boolean.TRUE;
}- Previous message (by thread): Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115)
- Next message (by thread): hg: jdk8/tl/langtools: 8006561: Langtools test failure: missing diags/examples
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]