RFR: 8281628: KeyAgreement : generateSecret intermittently not resetting
Valerie Peng
valeriep at openjdk.java.net
Wed Mar 2 22:01:13 UTC 2022
On Wed, 2 Mar 2022 19:35:50 GMT, Weijun Wang <weijun at openjdk.org> wrote:
> The comment said "pad it w/ leading 0s". So let's pad it.
src/java.base/share/classes/com/sun/crypto/provider/DHKeyAgreement.java line 347:
> 345: // Array too short, pad it w/ leading 0s
> 346: if (secret.length < expectedLen) {
> 347: Arrays.fill(sharedSecret, offset, offset + (expectedLen - secret.length), (byte)0);
nit: longer than 80 chars?
test/jdk/com/sun/crypto/provider/KeyAgreement/DHKeyAgreementPadding.java line 28:
> 26: * @bug 8281628
> 27: * @library /test/lib
> 28: * @summary KeyAgreement : generateSecret intermittently not resetting
nit: describe the fix instead of just using the bug synopsis.
test/jdk/com/sun/crypto/provider/KeyAgreement/DHKeyAgreementPadding.java line 56:
> 54: // Different stale data
> 55: aliceSecret[0] = 0;
> 56: bobSecret[0] = 1;
Instead of only the first byte difference, would it be easier to trigger the bug with completely different buffer value, say FFFFFF vs 000000?
-------------
PR: https://git.openjdk.java.net/jdk/pull/7665
More information about the security-dev
mailing list