RFR: 8305091: Change ChaCha20 cipher init behavior to match AES-GCM
Jamil Nimeh
jnimeh at openjdk.org
Tue Apr 11 17:35:28 UTC 2023
This fixes an issue where the key/nonce reuse policy for SunJCE ChaCha20 and ChaCha20-Poly1305 was overly strict in enforcing no-reuse when the Cipher was in DECRYPT_MODE. For decryption, this should be allowed and be consistent with the AES-GCM decryption initialization behavior.
- Issue: https://bugs.openjdk.org/browse/JDK-8305091
- CSR: https://bugs.openjdk.org/browse/JDK-8305822
-------------
Commit messages:
- 8305091: Change ChaCha20 cipher init behavior to match AES-GCM
Changes: https://git.openjdk.org/jdk/pull/13428/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=13428&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8305091
Stats: 77 lines in 2 files changed: 31 ins; 14 del; 32 mod
Patch: https://git.openjdk.org/jdk/pull/13428.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/13428/head:pull/13428
PR: https://git.openjdk.org/jdk/pull/13428
More information about the security-dev
mailing list