RFR: 8302017: Allocate BadPaddingException only if it will be thrown
Brian J. Stafford
duke at openjdk.org
Wed Mar 22 16:20:03 UTC 2023
On Tue, 14 Mar 2023 21:58:46 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> May I get a chance to review it before the integration? I may need more time to dig into time-constant issue.
>
>> May I get a chance to review it before the integration? I may need more time to dig into time-constant issue.
>
> If I read the Bleichenbacher's Attack[[1]](https://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf)[[2]](https://medium.com/@c0D3M/bleichenbacher-attack-explained-bc630f88ff25)[[3]](https://asecuritysite.com/encryption/c_c3) right, the attack works if it can tell the difference between good conditions and error conditions. RFC 8017 says "distinguish the different error conditions", but it may be parsed differently for various context. Please be careful about this update.
>
> Thank you for giving me more time to look into the details.
@XueleiFan are you still looking into the details of this change?
-------------
PR Comment: https://git.openjdk.org/jdk/pull/12732#issuecomment-1479856354
More information about the security-dev
mailing list