RFR: 8257769: Cipher.getParameters() throws NPE for ChaCha20-Poly1305 [v2]

Valerie Peng valeriep at openjdk.java.net
Mon Dec 7 19:46:14 UTC 2020


On Mon, 7 Dec 2020 17:50:25 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:

>> This fix corrects a problem where ChaCha20-Poly1305 objects prior to init throw NPE when getParameters() is called.  It will now generate parameters containing a random nonce on each pre-init call to getParameters(). Post-initialization calls to the getParameters() method will always return the same set of parameters until the next initialization occurs.
>
> Jamil Nimeh has updated the pull request incrementally with one additional commit since the last revision:
> 
>   pre-init getParameters nonce data is now a local variable

Outside of Cipher.getParameters(), there are other direct references of nonce which may lead to NPE which we should fix also. Inside engineGetIV(), it should check for null nonce before directly calling clone().

-------------

PR: https://git.openjdk.java.net/jdk/pull/1644



More information about the security-dev mailing list