RFR: 8302225: SunJCE Provider doesn't validate key sizes when using 'constrained' transforms for AES/KW and AES/KWP
Valerie Peng
valeriep at openjdk.org
Wed Feb 15 02:31:29 UTC 2023
Due to an error in the existing regression test, this bug remain undiscovered until now. Added the key size check to the KeyWrapCipher class and fixed the regression test.
Please help review this trivial fix.
Thanks in advance,
Valerie
-------------
Commit messages:
- 8302225: SunJCE Provider doesn't validate key sizes when using 'constrained' transforms for AES/KW and AES/KWP
Changes: https://git.openjdk.org/jdk/pull/12569/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=12569&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8302225
Stats: 29 lines in 2 files changed: 23 ins; 1 del; 5 mod
Patch: https://git.openjdk.org/jdk/pull/12569.diff
Fetch: git fetch https://git.openjdk.org/jdk pull/12569/head:pull/12569
PR: https://git.openjdk.org/jdk/pull/12569
More information about the security-dev
mailing list