[RFR] JDK-8224997: ChaCha20-Poly1305 TLS cipher suite decryption throws ShortBufferException
Xuelei Fan
Xuelei.Fan at Oracle.Com
Sat Aug 17 04:25:10 UTC 2019
Looks good to me.
Xuelei
> On Aug 16, 2019, at 3:44 PM, Jamil Nimeh <jamil.j.nimeh at oracle.com> wrote:
>
> I think that's a good idea. I've made the change.
>
> http://cr.openjdk.java.net/~jnimeh/reviews/8224997/webrev.02/
>
> Thanks for the review,
>
> --Jamil
>
>> On 8/16/19 9:36 AM, Xue-Lei Fan wrote:
>> Good catch!
>>
>> For the engineGetOutputSize() implementation, as the inputLen parameter is an external input, we may want to ensure it is not too big to integer overflow. The Math.addExact() was used to check the overflow issues. What do you think we keep using the Math.addExact() method, at line 1243 and 1314?
>>
>> Otherwise, looks fine to me.
>>
>> Xuelei
>>
>> ----- Original Message -----
>> From:jamil.j.nimeh at oracle.com
>> To:security-dev at openjdk.java.net
>> Sent: Monday, August 12, 2019 12:59:32 PM GMT -08:00 US/Canada Pacific
>> Subject: [RFR] JDK-8224997: ChaCha20-Poly1305 TLS cipher suite decryption throws ShortBufferException
>>
>> Hello all,
>>
>> This fix addresses a problem first found by Netty/Jetty when decrypting
>> payloads in excess of ~4096 bytes using one of the ChaCha20-Poly1305
>> cipher suites. The root cause of the issue is not in the TLS code, it
>> is actually an issue with how ChaCha20-Poly1305 was implementing
>> CipherSpi.engineGetOutputSize().
>>
>> The bug was also partially worked around due to changes in CipherSpi
>> from 8181386, but this properly addresses the output buffer sizing.
>>
>> Thanks to Adrian Todt and Bradley Wagner for the Catnip and Jetty
>> support while trying to replicate the issue originally.
>>
>> Bug:https://bugs.openjdk.java.net/browse/JDK-8224997
>>
>> Webrev:http://cr.openjdk.java.net/~jnimeh/reviews/8224997/webrev.01/
>>
>> --Jamil
>>
More information about the security-dev
mailing list