RFR: 8255557: Decouple GCM from CipherCore [v4]

Anthony Scarpino ascarpino at openjdk.java.net
Wed Jun 2 03:21:48 UTC 2021


On Thu, 20 May 2021 00:37:44 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   Fix perf problem by reorganizing doLastBlock()
>
> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 942:
> 
>> 940: 
>> 941:             System.arraycopy(out, originalOutOfs, originalOut, originalOutOfs,
>> 942:                 len);
> 
> Don't you need to do `originalOut = null;` after copying the bytes over? Otherwise, if you have two overlapping calls with the same engine, the 2nd restoreOut(...) call may lead to data corruption, i.e. it will duplicate the output bytes to the original output buffer (in the 1st overlapping call).
> Same applies for the ByteBuffer case, i.e. restoreDst(...).
> If time permits, please add a regression test to cover this.

An engine is a one-time use, so setting originalOut to null isn't necessary. engineDoFinal() sets engine = null.

-------------

PR: https://git.openjdk.java.net/jdk/pull/4072
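
The stale-reference question raised in this exchange, as an added example that is not part of the original message or the JDK source: the Engine class, its XOR stand-in transform, and the sample buffers are hypothetical and constructed, and only the originalOut/originalOutOfs names and the arraycopy call follow the quoted lines.

```java
import java.util.Arrays;
// Added illustration; hypothetical classes, not the JDK's GaloisCounterMode.
public class RestoreOutDemo {
    static class Engine {
        private final boolean clearAfterRestore; // true = null the field after copying back
        private byte[] originalOut;              // caller's buffer while a temp array is in use
        private int originalOutOfs;
        Engine(boolean clearAfterRestore) { this.clearAfterRestore = clearAfterRestore; }

        // Toy transform (XOR 0x5A) standing in for the cipher operation.
        void process(byte[] in, int inOfs, int len, byte[] out, int outOfs) {
            byte[] work = out;
            if (in == out && outOfs > inOfs && outOfs < inOfs + len) {
                originalOut = out;               // output would overwrite unread input
                originalOutOfs = outOfs;
                work = new byte[out.length];     // write to a temp array instead
            }
            for (int i = 0; i < len; i++) {
                work[outOfs + i] = (byte) (in[inOfs + i] ^ 0x5A);
            }
            restoreOut(work, len);
        }

        private void restoreOut(byte[] out, int len) {
            if (originalOut == null) return;
            System.arraycopy(out, originalOutOfs, originalOut, originalOutOfs, len);
            if (clearAfterRestore) originalOut = null;
        }
    }

    // Returns true when a second, non-overlapping call altered the first caller's buffer.
    static boolean firstBufferCorrupted(boolean clearAfterRestore) {
        Engine e = new Engine(clearAfterRestore);
        byte[] a = new byte[8];                  // constructed sample data
        Arrays.fill(a, 0, 4, (byte) 1);
        e.process(a, 0, 4, a, 2);                // overlapping in/out: temp array path
        byte[] snapshot = a.clone();
        byte[] b = {2, 2, 2, 2};
        byte[] c = new byte[8];
        e.process(b, 0, 4, c, 2);                // same engine, separate buffers
        return !Arrays.equals(snapshot, a);
    }

    public static void main(String[] args) {
        System.out.println("reused engine, field kept:    " + firstBufferCorrupted(false));
        System.out.println("reused engine, field cleared: " + firstBufferCorrupted(true));
    }
}
```

In this model the first line prints true and the second false; the corruption needs a second call on the same Engine instance, so creating a fresh instance per operation also avoids it.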


