RFR 8157526: 3KeyTDEA word left in DRBG after JDK-8156213
Xuelei Fan
xuelei.fan at oracle.com
Mon May 23 01:29:12 UTC 2016
Looks fine to me.
Xuelei
On 5/23/2016 9:12 AM, Wang Weijun wrote:
> Hi All
>
> The removal of 3KeyTDEA in JDK-8156213 is not clean. This bug removes the "(112 bits for CTR_DRBG with 3KeyTDEA)" words in class spec of DrbgParameters.java.
>
> No webrev, just the patch below. Please review.
>
> diff --git a/src/java.base/share/classes/java/security/DrbgParameters.java b/src/java.base/share/classes/java/security/DrbgParameters.java
> --- a/src/java.base/share/classes/java/security/DrbgParameters.java
> +++ b/src/java.base/share/classes/java/security/DrbgParameters.java
> @@ -216,10 +216,9 @@
> * <p>
> * If a DRBG is not instantiated with a {@link DrbgParameters.Instantiation}
> * object explicitly, this implementation instantiates it with a default
> - * requested strength of 128 bits (112 bits for CTR_DRBG with 3KeyTDEA),
> - * no prediction resistance request, and no personalization string.
> - * These default instantiation parameters can also be customized with
> - * the {@code securerandom.drbg.config} security property.
> + * requested strength of 128 bits, no prediction resistance request, and
> + * no personalization string. These default instantiation parameters can also
> + * be customized with the {@code securerandom.drbg.config} security property.
> * <p>
> * This implementation reads fresh entropy from the system default entropy
> * source determined by the security property {@code securerandom.source}.
>
> Thanks
> Max
>
> p.s. Although this changes the spec part, it's a bug fix, and therefore no CCC.
>
More information about the security-dev
mailing list