RFR: 8297972: Poly1305 Endianness on ByteBuffer not enforced [v2]
Jamil Nimeh
jnimeh at openjdk.org
Thu Jan 19 18:51:56 UTC 2023
On Thu, 19 Jan 2023 18:30:04 GMT, Volodymyr Paprotski <duke at openjdk.org> wrote:
>> Per rfc7539 Section 2.5, "Read the block as a little-endian number."
>>
>> sun.security.util.math.intpoly.IntegerPolynomial1305 enforces this on input when input is provided as `[]byte` but not when input is in `ByteBuffer`
>>
>> Tested with `Poly1305IntrinsicFuzzTest.java` from https://github.com/openjdk/jdk/pull/11338 which compares Poly1305 MAC between `ByteBuffer` and `[]byte`
>
> Volodymyr Paprotski has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
>
> - remove workaround from test
> - Merge remote-tracking branch 'origin/master' into endian-poly1305
> - enforce reading input as little_endian numbers
Looks good to me.
-------------
Marked as reviewed by jnimeh (Reviewer).
PR: https://git.openjdk.org/jdk/pull/11463
More information about the security-dev
mailing list