RFR: 8248268: Support KWP in addition to KW [v7]

Valerie Peng valeriep at openjdk.java.net
Mon May 24 22:40:22 UTC 2021


On Fri, 21 May 2021 19:15:49 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

>> Valerie Peng has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains seven commits:
>> 
>>  - Merge master into JDK-8248268
>>  - Minor update to address review comments.
>>  - Changed AESParameters to allow 4-byte, 8-byte IVs and removed
>>    KWParameters and KWPParameters.
>>  - Refactor code to reduce code duplication
>>    Address review comments
>>    Add more test vectors
>>  - Changed AlgorithmParameters impls to register under AES/KW/NoPadding and
>>    AES/KWP/NoPadding
>>  - Restored Iv algorithm parameters impl.
>>  - 8248268: Support KWP in addition to KW
>>    
>>    Updated existing AESWrap support with AES/KW/NoPadding cipher
>>    transformation. Added support for AES/KWP/NoPadding and
>>    AES/KW/PKCS5Padding support to SunJCE provider.
>
> src/java.base/share/classes/com/sun/crypto/provider/BlockCipherParamsCore.java line 81:
> 
>> 79:                         expectedLen + " bytes long");
>> 80:         }
>> 81:         iv = tmpIv.clone();
> 
> The moreSizes is not used after initialization.  The iv/tmpIv could be a value other than the block_size.   The getEncoded() method would use the iv value for the encoding.  While in the decoding method init(byte[]) method, the IV sizes other block_size is not considered, and IOE will be thrown.  Could this be a problem?

Right, good catch, I will fix it.

-------------

PR: https://git.openjdk.java.net/jdk/pull/2404


More information about the security-dev mailing list