RFR: 8302017: Allocate BadPaddingException only if it will be thrown
Xue-Lei Andrew Fan
xuelei at openjdk.org
Tue Mar 14 22:01:23 UTC 2023
On Tue, 14 Mar 2023 21:23:02 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
> May I get a chance to review it before the integration? I may need more time to dig into time-constant issue.
If I read the Bleichenbacher's Attack[1][2] right, the attack works if it can tell the difference between good conditions and error conditions. RFC 8017 says "distinguish the different error conditions", but it may be parsed differently for various context. Please be careful about this update.
Thank you for giving me more time to look into the details.
[1]: https://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf
[2]: https://medium.com/@c0D3M/bleichenbacher-attack-explained-bc630f88ff25
[3]: https://asecuritysite.com/encryption/c_c3
-------------
PR: https://git.openjdk.org/jdk/pull/12732
More information about the security-dev
mailing list