[cp-patches] RFC: Crypto PBEKeySpec password references

Casey Marshall csm at gnu.org
Fri Jun 30 00:25:17 UTC 2006

On Jun 29, 2006, at 4:33 PM, Matthew Wringe wrote:

> On Thu, 2006-06-29 at 15:36 -0700, Casey Marshall wrote:
>> On Jun 29, 2006, at 3:24 PM, Matthew Wringe wrote:
>>> Hi,
>>> I have attached a very small patch that fixes PR28204 : PBEKeySpec
>>> incorrectly deletes the originally passed password array
>>> (http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28204)
>>> Instead of taking a reference to the passed password, it now  
>>> creates a
>>> copy of it.
>> This looks fine, except for this space here at the end:
>>> +    System.arraycopy(password, 0, this.password, 0,
>>> password.length );
>> And you can accomplish the same thing with `clone()'.
>> The JavaDoc should also be updated to explain that a copy of the
>> argument is made (the JDK documentation says this, and it is an
>> important API detail).
> The attached patch now uses clone() instead of System.arraycopy and  
> the
> javadoc has been updated to reflect that it only stores a copy.
> Out of curiosity, what is the real big difference between clone() and
> arraycopy? and under what situation should one be used over another?

I think clone() can be faster for arrays, because it can combine the  
allocation and the copy into a single call. But really, I don't have  
any idea if it's actually faster on any VM (it seems like a JIT could  
inline both the `new' call and the array copy).

The only other advantage is that it's much more concise.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 478 bytes
Desc: This is a digitally signed message part
Url : http://developer.classpath.org/pipermail/classpath-patches/attachments/20060629/d9bd5c07/PGP.pgp

More information about the Classpath-patches mailing list