RFR: 8255557: Decouple GCM from CipherCore [v2]
Anthony Scarpino
ascarpino at openjdk.java.net
Mon May 24 16:40:18 UTC 2021
On Mon, 17 May 2021 22:42:40 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Anthony Scarpino has updated the pull request incrementally with two additional commits since the last revision:
>>
>> - review comment updates
>> - Fixed the lack of overlap detection with GCMEncrypt.update()
>
> src/java.base/share/classes/com/sun/crypto/provider/GCTR.java line 203:
>
>> 201: // allocating and copying for direct bytebuffers
>> 202: if (!src.isDirect() && !dst.isDirect() &&
>> 203: !src.isReadOnly() && !dst.isReadOnly()) {
>
> Why do we need to check for src being isReadOnly() since we are not writing bytes into src? As for dst, if it's read only, then we should probably not proceed further? The other update method which takes ByteBuffer dst did not check if it's read only. A bit inconsistent?
src.array() throws an exception if it's read only
> src/java.base/share/classes/com/sun/crypto/provider/GCTR.java line 283:
>
>> 281: // allocating and copying for direct bytebuffers
>> 282: if (!src.isDirect() && !dst.isDirect() &&
>> 283: !src.isReadOnly() && !dst.isReadOnly()) {
>
> Same question regarding the isReadOnly() calls as in the update(ByteBuffer, ByteBuffer) method.
src.array() throws an exception if it's read only
-------------
PR: https://git.openjdk.java.net/jdk/pull/4072
More information about the security-dev
mailing list