RFR: 8257769: Cipher.getParameters() throws NPE for ChaCha20-Poly1305 [v2]
Sean Mullan
mullan at openjdk.java.net
Mon Dec 7 19:40:16 UTC 2020
On Mon, 7 Dec 2020 17:50:25 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:
>> This fix corrects a problem where ChaCha20-Poly1305 objects prior to init throw NPE when getParameters() is called. It will now generate parameters containing a random nonce on each pre-init call to getParameters(). Post-initialization calls to the getParameters() method will always return the same set of parameters until the next initialization occurs.
>
> Jamil Nimeh has updated the pull request incrementally with one additional commit since the last revision:
>
> pre-init getParameters nonce data is now a local variable
Marked as reviewed by mullan (Reviewer).
src/java.base/share/classes/com/sun/crypto/provider/ChaCha20Cipher.java line 232:
> 230: // this call should cause a random nonce to be generated, but
> 231: // not attached to the object.
> 232: byte[] nonceData = initialized ? nonce : createRandomNonce(null);
A minor unrelated comment is that createRandomNonce() could be made static.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1644
More information about the security-dev
mailing list