[9] RFR 8049312: AES/CICO test failed with on several modes
Valerie Peng
valerie.peng at oracle.com
Thu Dec 11 03:20:52 UTC 2014
Still looking for a reviewer for this fix...
Thanks,
Valerie
On 8/22/2014 1:50 PM, Valerie Peng wrote:
> Ping again. Anyone has time to review?
>
> The webrev has been updated in place for
> 1) to reflect the new modular path
> 2) update of test/ProblemList.txt given the integration of the failed
> test (done in a separate bug fix which adds bunch of new tests).
>
> The main changes are in CipherCore.java to pass the correct data size
> when calling cipher.encrypt/decrypt(...).
> Also, updated the various modes implementation so that an Exception is
> thrown if data with incorrect length are passed. This is to make the
> code more robust.
>
> Thanks,
> Valerie
>
> On 7/18/2014 4:12 PM, Valerie Peng wrote:
>>
>> Can someone please help reviewing this following fix?
>> https://bugs.openjdk.java.net/browse/JDK-8049312
>> Webrev: http://cr.openjdk.java.net/~valeriep/8049312/webrev.00/
>>
>> The must-fix change is in ||
>> src/share/classes/com/sun/crypto/provider/CipherCore.java which is to
>> correct the data size calculation based on "unitBytes". For example,
>> for CFB24, our current impl assumes the given data will be multiples
>> of 3 bytes. When the given data isn't multiples of 3, it will
>> continue but then the result is incorrect.
>>
>> To make the code more robust, I think we should explicitly check and
>> error out when the given data doesn't have the correct size. Thus, I
>> have added the input-length check to the various mode
>> implementations. Along the way, I also fixed javadoc typos, removed
>> redundancies, etc.
>>
>> Thanks,
>> Valerie
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20141210/aa380e7a/attachment.htm>
More information about the security-dev
mailing list