[9] RFR 8049312: AES/CICO test failed with on several modes
Valerie Peng
valerie.peng at oracle.com
Fri Jul 18 23:12:24 UTC 2014
Can someone please help reviewing this following fix?
https://bugs.openjdk.java.net/browse/JDK-8049312
Webrev: http://cr.openjdk.java.net/~valeriep/8049312/webrev.00/
The must-fix change is in ||
src/share/classes/com/sun/crypto/provider/CipherCore.java which is to
correct the data size calculation based on "unitBytes". For example, for
CFB24, our current impl assumes the given data will be multiples of 3
bytes. When the given data isn't multiples of 3, it will continue but
then the result is incorrect.
To make the code more robust, I think we should explicitly check and
error out when the given data doesn't have the correct size. Thus, I
have added the input-length check to the various mode implementations.
Along the way, I also fixed javadoc typos, removed redundancies, etc.
Thanks,
Valerie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20140718/0261c76e/attachment.htm>
More information about the security-dev
mailing list