[9] RFR 8049312: AES/CICO test failed with on several modes
Xuelei Fan
xuelei.fan at oracle.com
Thu Dec 18 02:38:47 UTC 2014
Looks fine to me.
Sorry for the delay of the code review.
Xuelei
On 12/11/2014 11:20 AM, Valerie Peng wrote:
>
> Still looking for a reviewer for this fix...
>
> Thanks,
> Valerie
>
> On 8/22/2014 1:50 PM, Valerie Peng wrote:
>> Ping again. Anyone has time to review?
>>
>> The webrev has been updated in place for
>> 1) to reflect the new modular path
>> 2) update of test/ProblemList.txt given the integration of the failed
>> test (done in a separate bug fix which adds bunch of new tests).
>>
>> The main changes are in CipherCore.java to pass the correct data size
>> when calling cipher.encrypt/decrypt(...).
>> Also, updated the various modes implementation so that an Exception is
>> thrown if data with incorrect length are passed. This is to make the
>> code more robust.
>>
>> Thanks,
>> Valerie
>>
>> On 7/18/2014 4:12 PM, Valerie Peng wrote:
>>>
>>> Can someone please help reviewing this following fix?
>>> https://bugs.openjdk.java.net/browse/JDK-8049312
>>> Webrev: http://cr.openjdk.java.net/~valeriep/8049312/webrev.00/
>>>
>>> The must-fix change is in ||
>>> src/share/classes/com/sun/crypto/provider/CipherCore.java which is to
>>> correct the data size calculation based on "unitBytes". For example,
>>> for CFB24, our current impl assumes the given data will be multiples
>>> of 3 bytes. When the given data isn't multiples of 3, it will
>>> continue but then the result is incorrect.
>>>
>>> To make the code more robust, I think we should explicitly check and
>>> error out when the given data doesn't have the correct size. Thus, I
>>> have added the input-length check to the various mode
>>> implementations. Along the way, I also fixed javadoc typos, removed
>>> redundancies, etc.
>>>
>>> Thanks,
>>> Valerie
>>>
More information about the security-dev
mailing list