RFR: 8255557: Decouple GCM from CipherCore [v3]
Valerie Peng
valeriep at openjdk.java.net
Tue Jun 1 19:47:46 UTC 2021
On Fri, 21 May 2021 03:07:15 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> yeah these checks are a bit all over the place.. I'll rework them
>
> So I think I only need to add a check to the engineDoFinal() that did not have a check before.
for engineUpdate(...) impl, the ArrayUtil.nullAndBoundsCheck() calls are deferred to GCMEngine.doUpdate(...). In the case of engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) method, the inputLen is already used to calculate the needed output size before the check takes place. For consistency and correctness, shouldn't the check be done before the values are used, as in engineDoFinal() case?
-------------
PR: https://git.openjdk.java.net/jdk/pull/4072
More information about the security-dev
mailing list