RFR: 8297972: Poly1305 Endianness on ByteBuffer not enforced [v2]

Jamil Nimeh jnimeh at openjdk.org
Thu Jan 19 18:51:56 UTC 2023


On Thu, 19 Jan 2023 18:30:04 GMT, Volodymyr Paprotski <duke at openjdk.org> wrote:

>> Per rfc7539 Section 2.5, "Read the block as a little-endian number."
>> 
>> sun.security.util.math.intpoly.IntegerPolynomial1305 enforces this on input when input is provided as `[]byte` but not when input is in `ByteBuffer`
>> 
>> Tested with `Poly1305IntrinsicFuzzTest.java` from https://github.com/openjdk/jdk/pull/11338 which compares Poly1305 MAC between `ByteBuffer` and `[]byte`
>
> Volodymyr Paprotski has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
> 
>  - remove workaround from test
>  - Merge remote-tracking branch 'origin/master' into endian-poly1305
>  - enforce reading input as little_endian numbers

Looks good to me.

-------------

Marked as reviewed by jnimeh (Reviewer).

PR: https://git.openjdk.org/jdk/pull/11463



More information about the security-dev mailing list