RFR: 8314045: ArithmeticException in GaloisCounterMode [v2]
Anthony Scarpino
ascarpino at openjdk.org
Wed Aug 9 23:44:28 UTC 2023
On Wed, 9 Aug 2023 23:15:59 GMT, Liam Miller-Cushon <cushon at openjdk.org> wrote:
>> Please consider this fix for [JDK-8314045](https://bugs.openjdk.org/browse/JDK-8314045), which adds a missing size check to avoid an `ArithmeticException` in `GaloisCounterMode`.
>
> Liam Miller-Cushon has updated the pull request incrementally with one additional commit since the last revision:
>
> Check for AEADBadTagException specifically
test/jdk/com/sun/crypto/provider/Cipher/AEAD/GCMShortInput.java line 54:
> 52: cipher.doFinal(ByteBuffer.allocate(0), ByteBuffer.allocate(0));
> 53: throw new AssertionError("GeneralSecurityException expected");
> 54: } catch (GeneralSecurityException e) {
The test should be verifying the exception is AEADBadTagException, not GeneralSecurityException, since that is the issue.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15212#discussion_r1289342514
More information about the security-dev
mailing list