RFR: 8255557: Decouple GCM from CipherCore [v4]
Valerie Peng
valeriep at openjdk.java.net
Mon Jun 7 13:32:17 UTC 2021
On Fri, 4 Jun 2021 01:29:36 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> engine is one time use per encryption/decryption. But 'originalOut' is for overlap detection/protection which may be used multiple times during multi-part encryption/decrypion. For each overlapDetection()/restoreOut() pair, the 'originalOut' value should be cleared, otherwise there may be cases where the old value of 'originalOut' gets used?
>
> Ok. I see what you are saying. I had not consider a situation where an update buffer overlapped and doFinal did not. I'll set originalDst and originalOut to null on their restore methods.
Great.
-------------
PR: https://git.openjdk.java.net/jdk/pull/4072
More information about the security-dev
mailing list