Integrated: 8297972: Poly1305 Endianness on ByteBuffer not enforced

Volodymyr Paprotski duke at openjdk.org
Fri Jan 20 20:02:00 UTC 2023


On Thu, 1 Dec 2022 18:28:21 GMT, Volodymyr Paprotski <duke at openjdk.org> wrote:

> Per rfc7539 Section 2.5, "Read the block as a little-endian number."
> 
> sun.security.util.math.intpoly.IntegerPolynomial1305 enforces this on input when input is provided as `[]byte` but not when input is in `ByteBuffer`
> 
> Tested with `Poly1305IntrinsicFuzzTest.java` from https://github.com/openjdk/jdk/pull/11338 which compares Poly1305 MAC between `ByteBuffer` and `[]byte`

This pull request has now been integrated.

Changeset: 9d44dd0c
Author:    Volodymyr Paprotski <volodymyr.paprotski at intel.com>
Committer: Jamil Nimeh <jnimeh at openjdk.org>
URL:       https://git.openjdk.org/jdk/commit/9d44dd0cca620ef8e16e0c4306e6e54d8de6d1e8
Stats:     8 lines in 2 files changed: 3 ins; 3 del; 2 mod

8297972: Poly1305 Endianness on ByteBuffer not enforced

Reviewed-by: jnimeh

-------------

PR: https://git.openjdk.org/jdk/pull/11463



More information about the security-dev mailing list