Code Review Request for 7030966, Support AEAD CipherSuites (JSSE part of JEP 115)

Xuelei Fan xuelei.fan at oracle.com
Sat Jan 19 18:31:30 PST 2013


webrev: http://cr.openjdk.java.net./~xuelei/7030966/webrev.03/

A significant update of CipherBox.java.

We are not able to know whether a cipher for a particular key size is
available or not until the cipher is successfully initialized.  For
example, we can get instance for "AES/GCM/NoPadding". But we don't known
whether the instance can work with AES-128 or AES-256 or not unless we
the Cipher.init() is called.

In the past, when a CipherBox is constructed, the cipher is always
initialized. However, for AEAD ciphers, we cannot initialized the cipher
in the constructor.  We need an additional method to tell whether a
CipherBox is available or not for AEAD ciphers.  The
CipherSuite.BulkCipher.isAvailable() will use this method to test the
availability of a cipher suites.

Thanks,
Xuelei
-------------- next part --------------
    /*
     * Is this cipher available?
     *
     * This method can only be called by CipherSuite.BulkCipher.isAvailable()
     * to test the availability of a cipher suites.  Please DON'T use it in
     * other places, otherwise, the behavior may be unexpected because we may
     * initialize AEAD cipher improperly in the method.
     */
    Boolean isAvailable() {
        // We won't know whether a cipher for a particular key size is
        // available until the cipher is successfully initialized.
        //
        // We do not initialize AEAD cipher in the constructor.  Need to
        // initialize the cipher to ensure that the AEAD mode for a
        // particular key size is supported.
        if (cipherType == AEAD_CIPHER) {
            try {
                Authenticator authenticator =
                    new Authenticator(protocolVersion);
                byte[] nonce = authenticator.sequenceNumber();
                byte[] iv = Arrays.copyOf(fixedIv,
                                            fixedIv.length + nonce.length);
                System.arraycopy(nonce, 0, iv, fixedIv.length, nonce.length);
                GCMParameterSpec spec = new GCMParameterSpec(tagSize * 8, iv);

                cipher.init(mode, key, spec, random);
            } catch (Exception e) {
                return Boolean.FALSE;
            }
        }   // Otherwise, we have initialized the cipher in the constructor.

        return Boolean.TRUE;
    }


More information about the security-dev mailing list