Problems with CipherBox and AEAD

Thomas Lußnig jetty at suche.org
Sun Oct 11 07:59:22 UTC 2015


Hi,

when i extends "sun.security.ssl.CipherSuite" with
     final static BulkCipher B_CHACHA20_POLY1305 = new 
BulkCipher("CHACHA20_POLY1305", AEAD_CIPHER  , 32 ,32,  0,  0, true );
i found an Problem in "sun.security.ssl.CipherBox
Method "applyExplicitNonce" there for the AEAD_CIPHER case is an NPE if 
the IV Length is zero. Then fixedIv become null
and there is an NPE. The Workaround for this is
     final byte[] iv;
     if(this.fixedIv == null) { // FIX for CHACHA
         iv = new byte[this.recordIvSize];              // CHACHA fix
         bb.get(iv, 0, this.recordIvSize);
     } else {
         iv = Arrays.copyOf(this.fixedIv, this.fixedIv.length + 
this.recordIvSize);
         bb.get(iv, this.fixedIv.length, this.recordIvSize);
     }
Another problem would occour if i use "new 
BulkCipher("CHACHA20_POLY1305", AEAD_CIPHER  , 32 ,32,  8,  8, true );"
Then in createExplicitNonce the nonce should become zero size but is 
fixed length for AEAD of 8 bytes.
Both was seen in JDK-1.8.0_60

Gruß Thomas Lußnig



More information about the security-dev mailing list