On Tue, 26 Sep 2023 19:37:23 GMT, Kevin Driver <[email protected]> wrote:
> Fix JDK-8295919 by updating the javadoc to explain that a null or zero-length
> `digestb` will also result in a short-circuit response
src/java.base/share/classes/java/security/MessageDigest.java line 464:
> 462: * It does not depend on the length of {@code digestb} or the
> contents
> 463: * of {@code digesta} and {@code digestb}, unless {@code digestb} is
> null
> 464: * or has a length of zero bytes.
I think this new text should be moved earlier to the first sentence, since that
first sentence is not always true given this condition. I suggest rewording the
first two sentences as:
"All bytes in {@code digesta} are examined to determine equality, unless {@code
digestb} is {@code null}
or has a length of zero bytes. If {@code digestb} is not {@code null} and does
not have a length of zero bytes,
then the calculation time depends only on the length of {@code digesta}."
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15933#discussion_r1339111610
