RFR: 8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding [v2]
Martin Balao
mbalao at openjdk.java.net
Tue Apr 6 14:56:25 UTC 2021
On Tue, 30 Mar 2021 21:24:37 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>>
>> - Avoid overriding buffered bytes with padding in the doFinal call.
>> - Only do encryption block-size buffering for NSS
>> - 8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java line 654:
>
>> 652: }
>> 653: // update 'padBuffer' if using our own padding impl.
>> 654: if (paddingObj != null) {
>
> nit: if (paddingObj != null && newPadBufferLen > 0)?
Yes, makes sense. I've replaced the other " newPadBufferLen != 0" with "newPadBufferLen > 0" to be consistent.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2510
More information about the security-dev
mailing list