Couple of things wrt JDK 1.2 java.security.*

George Chung (gchung@openhorizon.com)
Thu, 19 Feb 1998 14:58:13 -0800

From: "George Chung" <gchung@openhorizon.com>
To: <java-security@web1.javasoft.com>
Subject: Couple of things wrt JDK 1.2 java.security.*
Date: Thu, 19 Feb 1998 14:58:13 -0800

I submitted these through the online form, but I thought I'd also drop you
guys a line.

The new MessageDigest.digest(byte buf[], int offset, int len) is a great
idea. It allows the message digest to be placed in an already allocated
array.

Unfortunately, the implementation of the above method allocates a new byte
array anyway. I don't understand this. The data member digestBits doesn't
seem to serve any useful purpose. This would have a non-trivial impact to an
SSL implementation which needs to digest every SSLRecord.

=============

Signature should be enhanced (per the new digest() method) with a sign()
method that places the signature in an already allocated array.

=============

Finally, the javadoc is not so clear on what MessageDigest.digest(byte
buf[], int offset, int len) is supposed to return. It says the length of the
hash. But this info is already available through
MessageDigest.getDigestLength(). Shouldn't it be the number of digest bytes
placed into buf?

Regards,
George Chung
Open Horizon, Inc.