JDK-6976527 : The new IV work in TLS 1.1 is doing unnecessary copies following crypto operations
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 7
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: generic
  • CPU: generic
  • Submitted: 2010-08-12
  • Updated: 2019-02-11
  • Resolved: 2015-09-09
Related Reports
Duplicate :  
JDK-8043758 - JEP 219: Datagram Transport Layer Security (DTLS)
Description
In CipherBox, we added some code to handle the addition of the IV in the data packet.  This results in us moving around some data to "prepend" the dynamic IV field on an encryption, and "strips" the IV field on decryption.

This would be much better handled by modifying the Input/OutputRecords.  Pass down the IV size to the Input/OutputRecord, then let the I/OR offset the data being written/read by the IV size.  I think it's a simple adjustment to the count variables.

I may be thinking this is too easy, but it seems very straightforward.
Comments
We made similar enhancement in JEP 219/JDK-8043758, close it as duplicated.
09-09-2015
EVALUATION We may address it togther with CR 6851437. Maybe in JDK 7, maybe not.
15-02-2011