[jdk11u-dev] RFR: 8280703: CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption [v7]
Scott Gibbons
sgibbons at openjdk.org
Tue Mar 7 19:23:20 UTC 2023
On Mon, 6 Mar 2023 19:33:27 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> Scott Gibbons has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Address review comment
>
> Something that should be verified is that this doesn't expose failed auth tag decrypted GCM data or other GCM decryption. There maybe some unexpected differences as this change was after GCM separated from CipherCore in 17. I believe GCM still uses CipherCore in 11.
@ascarpino I have been looking to see whether any data could be potentially leaked as a result of my change and cannot envision such a scenario. It appears to me that my change is functionally identical to what it would be without the change. Can you please provide more details? Thanks.
-------------
PR: https://git.openjdk.org/jdk11u-dev/pull/1780
More information about the jdk-updates-dev
mailing list