RFR: 8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding [v2]
Martin Balao
mbalao at openjdk.java.net
Tue Apr 6 17:14:37 UTC 2021
On Wed, 31 Mar 2021 00:16:28 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Martin Balao has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains three commits:
>>
>> - Avoid overriding buffered bytes with padding in the doFinal call.
>> - Only do encryption block-size buffering for NSS
>> - 8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java line 912:
>
>> 910: 0, requiredOutLen - bytesBuffered);
>> 911: k = token.p11.C_EncryptUpdate(session.id(),
>> 912: 0, padBuffer, 0, actualPadLen,
>
> actualPadLen => actualPadLen + startOfs?
Yes, I forgot to synchronize with the byte[] path. Thanks.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2510
More information about the security-dev
mailing list