-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 11/22/18 16:43, Mark Thomas wrote: > On 22/11/2018 19:17, Christopher Schultz wrote: >> Mark, >> >> On 11/22/18 05:21, Mark Thomas wrote: >>> On 21/11/2018 22:39, Christopher Schultz wrote: >>>> Mark, >>>> >>> <snip/> >> >>>>> I thought you were using CBC so a missing block (a message >>>>> being one or more blocks) means that the next message can't >>>>> be decrypted. >>>> >>>> CBC *is* being used, but the cipher is reset after each >>>> message, and a new IV is being randomly generated for that >>>> purpose. There is no state-carryover between messages. At >>>> least, there shouldn't be. >> >>> Ah. Thanks for the explanation. I should have looked at the >>> code. That should all work then. >> >>> I'll try and find some time today to figure out what is >>> causing the error messages I am seeing. >> >> Thanks, I'd appreciate a second set of eyes. >> >> I can't seem to find any problems with it. The only "problems" I >> ended up finding were poorly-written tests :) > > syncs on encrypt() and decrypt() seem to have done the trick. That > was just a quick hack to confirm a suspicion - it isn't the right > long term fix. > > If we want this to be performant under load I'd lean towards using > a Queue for encryption ciphers and another for decryption ciphers > along the lines of the way SessionIdGeneratorBase handles > SecureRandom. > > We should probably handle SecureRandom the same way. > > I'll start working on a patch. Hmm... I was under the impression that the message-sending operations were single-threaded (and similar with the receiving operations). I've read that calling Cipher.init() is expensive, but since it's being done for every outgoing (and incoming) message, perhaps there is no reason to re-use Cipher objects. I'd be interested to see a micro-benchmark showing whether all that complexity (Cipher object pool) is really worth it. It probably isn't, given that the code without that complexity would be super clear and compact. - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlv3LnoACgkQHPApP6U8 pFg2ZA/+N1tUfYqTja/rEpgrf3FeM9PSukLit78qK16bFXRjyB7RbkiwaBj696VW hhOvO5/5FeRPIJWHBPbAL6pwiMND3vGjhZHjCM9HOjoTF1cAL75s+0PUQNYy184O 71T3ozvcxy0TQ/cUKZb0eYOGfleeZWmQ7SZsrozNtGgT9QDSptGLsXi4a+8B5VfJ nbtpOAibFyCSYguLuBHjCdBzY1xAQXEZnvPOpEfZyYl40aTjEn7o8GmbdqOtcu1t BrATqi0Dtju5PqPHsnAgdG9PDbw6KyDC+qcCaJ7ljF8arfiGXrc84T5X398ZWEGq 0dzLJeAe4gCfriBDY7EKl62bwVQFQZAOXxA4tvYaSS6kUI+Y1tWxm7pq28qdUXfS QEKxV+mwglxkhjRdBbiuKW+7TJV6vX81G7hNud6kaaEIh+ycoIXGJfLgir4Q7PKP uL8CQtQfsTd17lX7nBvfSuV+9/eWLOGPBjcpUrFQzDruH0OYE99rM9SikGlQlS1h UfKdYuI2H1JxRxMC5Etd9gEDFtiBbencnjMUv295xu4N01UvqklKniHzoFMRwWV/ Z0oGHvAboE40EeGiW1ybiofLteO1ZwYJ83pq1Ma4muN+swvkJqVz7IiQswasKPwP +HMv9o47IQbEQVyfsHyT+NMFOTgfB1FZWxU3D666Hl+QVREJbyA= =/Di8 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
