Integrated: JDK-8280703 CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption
Sebastian Stenzel
duke at openjdk.java.net
Fri Jan 28 16:46:15 UTC 2022
On Wed, 26 Jan 2022 10:07:01 GMT, Sebastian Stenzel <duke at openjdk.java.net> wrote:
> Related to #411, however it turns out that for unpadded ciphers, there is no need to allocate `internalOutput`, if `output` provides sufficient capacity.
>
> For padded ciphers, only the unpadded cleartext is expected to be copied to the output buffer. In this case, there is no way around the temporary buffer (without major changes).
>
> While a small change, please review with care, as I might be missing some security-relevant side effect (such as: don't copy cleartext to output buffer before validating the a tag - just as an example, even if there is no authentication involved in this method).
>
> I have some test failures in Tier 1 tests, but these seem to be unrelated. Tests for `com.sun.crypto` and `javax.crypto` run fine:
>
>
> ==============================
> Test summary
> ==============================
> TEST TOTAL PASS FAIL ERROR
> jtreg:test/jdk/com/sun/crypto 141 141 0 0
> jtreg:test/jdk/javax/crypto 56 56 0 0
> ==============================
> TEST SUCCESS
This pull request has now been integrated.
Changeset: 409382ba
Author: Sebastian Stenzel <sebastian.stenzel at skymatic.de>
Committer: Anthony Scarpino <ascarpino at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/409382ba4b43bf48ed0086020dd20641effd35b6
Stats: 8 lines in 1 file changed: 3 ins; 0 del; 5 mod
8280703: CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption
Reviewed-by: ascarpino
-------------
PR: https://git.openjdk.java.net/jdk/pull/7230
More information about the security-dev
mailing list