RFR: JDK-8280703 CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption [v2]
Anthony Scarpino
ascarpino at openjdk.java.net
Thu Jan 27 17:24:32 UTC 2022
On Wed, 26 Jan 2022 18:07:24 GMT, Sebastian Stenzel <duke at openjdk.java.net> wrote:
>> Related to #411, however it turns out that for unpadded ciphers, there is no need to allocate `internalOutput`, if `output` provides sufficient capacity.
>>
>> For padded ciphers, only the unpadded cleartext is expected to be copied to the output buffer. In this case, there is no way around the temporary buffer (without major changes).
>>
>> While a small change, please review with care, as I might be missing some security-relevant side effect (such as: don't copy cleartext to output buffer before validating the a tag - just as an example, even if there is no authentication involved in this method).
>>
>> I have some test failures in Tier 1 tests, but these seem to be unrelated. Tests for `com.sun.crypto` and `javax.crypto` run fine:
>>
>>
>> ==============================
>> Test summary
>> ==============================
>> TEST TOTAL PASS FAIL ERROR
>> jtreg:test/jdk/com/sun/crypto 141 141 0 0
>> jtreg:test/jdk/javax/crypto 56 56 0 0
>> ==============================
>> TEST SUCCESS
>
> Sebastian Stenzel has updated the pull request incrementally with one additional commit since the last revision:
>
> updated copyright header
The diff passed tier1 and crypto tests. Looks good to me
-------------
Marked as reviewed by ascarpino (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/7230
More information about the security-dev
mailing list