On Wed, 19 May 2021 19:20:20 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Anthony Scarpino has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> cleanup
>
> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java
> line 402:
>
>> 400: }
>> 401: try {
>> 402: ArrayUtil.nullAndBoundsCheck(input, inputOffset, inputLen);
>
> Why is only this ArrayUtil.nullAndBoundsCheck(...) present in this
> engineDoFinal(...)? There are other engineUpdate/engineDoFinal() calls which
> also have input array, offset, and length. Shouldn't this check be added
> there as well? If the crypto engine check is separated out into a separate
> method, e.g. checkEngine(), then you don't have to explicitly release the
> crypto engine (as on line 405) and can just call checkEngine() after all the
> input validation has passed.
yeah these checks are a bit all over the place.. I'll rework them
-------------
PR: https://git.openjdk.java.net/jdk/pull/4072
