RFR: 8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding [v2]
Martin Balao
mbalao at openjdk.java.net
Tue Apr 6 16:48:28 UTC 2021
On Wed, 31 Mar 2021 16:51:31 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>>
>> - Avoid overriding buffered bytes with padding in the doFinal call.
>> - Only do encryption block-size buffering for NSS
>> - 8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding
>
> test/jdk/sun/security/pkcs11/Cipher/EncryptionPadding.java line 68:
>
>> 66: ByteBuffer cipherText =
>> 67: ByteBuffer.allocate(((inputSize / 16 ) + 1) * 16);
>> 68: byte[] tmp = new byte[16];
>
> Seems no need to do new byte[] given how it's used.
Right. That was probably a vestige of an intermediate version.
> test/jdk/sun/security/pkcs11/Cipher/EncryptionPadding.java line 78:
>
>> 76: updateLength);
>> 77: if (tmp != null)
>> 78: cipherText.put(tmp);
>
> nit: either use "{ }" or move cipherText.put() call to the same line as if-check.
Ok
-------------
PR: https://git.openjdk.java.net/jdk/pull/2510
More information about the security-dev
mailing list