On Wed, 27 Sep 2023 20:15:35 GMT, Kevin Driver <[email protected]> wrote:
>> Fix JDK-8295919 by updating the javadoc to explain that a null or
>> zero-length `digestb` will also result in a short-circuit response
>
> Kevin Driver has updated the pull request incrementally with one additional
> commit since the last revision:
>
> rephrased per code review
src/java.base/share/classes/java/security/MessageDigest.java line 461:
> 459: * @implNote
> 460: * All bytes in {@code digesta} are examined to determine equality,
> unless
> 461: * {@code digestb} is null or has a length of zero bytes. If {@code
> digestb}
Use code font around "null" : `{@code null}`
src/java.base/share/classes/java/security/MessageDigest.java line 463:
> 461: * {@code digestb} is null or has a length of zero bytes. If {@code
> digestb}
> 462: * is not {@code null} and does not have a length of zero bytes,
> then the
> 463: * calculation time depends only on the length of {@code digesta}.
Sorry, my last comment may have been not specific enough but I don't think you
should remove the last sentence - I think that is still important to explain
how it is implemented:
"It does not depend on the length of {@code digestb} or the contents of {@code
digesta} and {@code digestb}."
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15933#discussion_r1340188913
PR Review Comment: https://git.openjdk.org/jdk/pull/15933#discussion_r1340161981
