Integrated: 8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding
Martin Balao
mbalao at openjdk.java.net
Mon Apr 12 21:03:41 UTC 2021
On Wed, 10 Feb 2021 15:06:35 GMT, Martin Balao <mbalao at openjdk.org> wrote:
> Hi,
>
> I'd like to propose a fix for JDK-8261355 [1].
>
> The scheme used for holding data and padding while performing encryption operations is almost the same than the existing one for decryption. The only difference is that encryption does not require a block-sized buffer to be always held because there is no need, upon an update call, to determine which bytes are real output for the caller and which are padding -as it's required for decryption-. I added a couple of comments in implUpdate to explain this.
>
> No regressions observed in jdk/sun/security/pkcs11.
>
> Thanks,
> Martin.-
>
> --
> [1] - https://bugs.openjdk.java.net/browse/JDK-8261355
This pull request has now been integrated.
Changeset: 1ee80e03
Author: Martin Balao <mbalao at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/1ee80e03
Stats: 245 lines in 2 files changed: 163 ins; 29 del; 53 mod
8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding
Reviewed-by: valeriep
-------------
PR: https://git.openjdk.java.net/jdk/pull/2510
More information about the security-dev
mailing list