RFR: 8255557: Decouple GCM from CipherCore [v4]

Anthony Scarpino ascarpino at openjdk.java.net
Wed Jun 2 18:17:38 UTC 2021


On Thu, 20 May 2021 22:59:18 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   Fix perf problem by reorganizing doLastBlock()
>
> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 1412:
> 
>> 1410:             }
>> 1411: 
>> 1412:             checkDataLength(len - tagLenBytes);
> 
> The impl of checkDataLength(...) is based on the "processed" variable which is always 0 for doUpdate() calls. This suits encryption better, but does not suit decryption? It seems that the doUpdate() calls would just keep buffering the data into 'ibuffer' without checking the size. It seems to me that this checkDataLength() call on line 1412 would always pass.

checkDataLength is subtracting the lengths from the max. The check at 1422 would fail because the max would be negative and the processed would be 0. I don't see it always passing.

-------------

PR: https://git.openjdk.java.net/jdk/pull/4072


