RFR: 8281628: KeyAgreement : generateSecret intermittently not resetting [v2]
Valerie Peng
valeriep at openjdk.java.net
Wed Mar 2 22:36:50 UTC 2022
On Wed, 2 Mar 2022 22:26:45 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> test/jdk/com/sun/crypto/provider/KeyAgreement/DHKeyAgreementPadding.java line 56:
>>
>>> 54: // Different stale data
>>> 55: aliceSecret[0] = 0;
>>> 56: bobSecret[0] = 1;
>>
>> Instead of only the first byte difference, would it be easier to trigger the bug with completely different buffer value, say FFFFFF vs 000000?
>
> Maybe not. When the generated secret is shorter, the padded bytes are always at the beginning.
With a bigger buffer, i.e. say 80-byte long, instead of 64-byte, I'd expect a difference and higher reproducibility...
-------------
PR: https://git.openjdk.java.net/jdk/pull/7665
More information about the security-dev
mailing list