RFR: 8257769: Cipher.getParameters() throws NPE for ChaCha20-Poly1305 [v2]

Sean Mullan mullan at openjdk.java.net
Mon Dec 7 19:40:16 UTC 2020


On Mon, 7 Dec 2020 17:50:25 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:

>> This fix corrects a problem where ChaCha20-Poly1305 objects prior to init throw NPE when getParameters() is called.  It will now generate parameters containing a random nonce on each pre-init call to getParameters(). Post-initialization calls to the getParameters() method will always return the same set of parameters until the next initialization occurs.
>
> Jamil Nimeh has updated the pull request incrementally with one additional commit since the last revision:
> 
>   pre-init getParameters nonce data is now a local variable

Marked as reviewed by mullan (Reviewer).

src/java.base/share/classes/com/sun/crypto/provider/ChaCha20Cipher.java line 232:

> 230:             // this call should cause a random nonce to be generated, but
> 231:             // not attached to the object.
> 232:             byte[] nonceData = initialized ? nonce : createRandomNonce(null);

A minor unrelated comment is that createRandomNonce() could be made static.

-------------

PR: https://git.openjdk.java.net/jdk/pull/1644



More information about the security-dev mailing list