RFR: ChaCha20 and ChaCha20/Poly1305 Cipher implementations

Jamil Nimeh jamil.j.nimeh at oracle.com
Tue May 1 23:19:38 UTC 2018


Update: forget my comment on this finding, Sean.  I'm already wrapping 
IOE in IAPE when IOE gets thrown so it's better to go the route you 
suggested.  I didn't read the method carefully enough.

>>
>>
>>  375                         if (dv.tag == DerValue.tag_OctetString) {
>>  376                             // Get the nonce value
>>  377                             newNonce = dv.getOctetString();
>>
>> Similar to a previous comment, I would just call 
>> DerValue.getOctetString() directly and let it throw an Exception if 
>> it is the wrong tag.
> JN: Except that I'll still have to catch the IOException and make that 
> the cause of the InvalidAlgorithmParameterException.  I don't think 
> CipherSpi.engineInit(int, Key, AlgorithmParameters, SecureRandom) can 
> directly throw IOException.  If I have to wrap it inside IAPE, do you 
> still prefer to do it that way or is the existing way OK?

--Jamil


More information about the security-dev mailing list