Integrated: 8305091: Change ChaCha20 cipher init behavior to match AES-GCM
Jamil Nimeh
jnimeh at openjdk.org
Tue May 23 15:18:51 UTC 2023
On Tue, 11 Apr 2023 17:26:25 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:
> This fixes an issue where the key/nonce reuse policy for SunJCE ChaCha20 and ChaCha20-Poly1305 was overly strict in enforcing no-reuse when the Cipher was in DECRYPT_MODE. For decryption, this should be allowed and be consistent with the AES-GCM decryption initialization behavior.
>
> - Issue: https://bugs.openjdk.org/browse/JDK-8305091
> - CSR: https://bugs.openjdk.org/browse/JDK-8305822
This pull request has now been integrated.
Changeset: bb0ff48a
Author: Jamil Nimeh <jnimeh at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/bb0ff48aa94c4648a2f929226dd8d252431bcd03
Stats: 77 lines in 2 files changed: 31 ins; 14 del; 32 mod
8305091: Change ChaCha20 cipher init behavior to match AES-GCM
Reviewed-by: djelinski, ascarpino
-------------
PR: https://git.openjdk.org/jdk/pull/13428
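
Added example, not part of the original message or of the JDK change itself: a small Java program that probes the init behavior described above on whichever JDK runs it, re-initializing a ChaCha20-Poly1305 Cipher with the same key and nonce in each mode. The class name and the key, nonce and plaintext values are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class ChaCha20InitReuse {
    public static void main(String[] args) throws Exception {
        // Constructed test values, not real secrets.
        byte[] keyBytes = new byte[32];
        byte[] nonce = new byte[12];
        Arrays.fill(keyBytes, (byte) 0x42);
        Arrays.fill(nonce, (byte) 0x07);
        SecretKeySpec key = new SecretKeySpec(keyBytes, "ChaCha20");
        IvParameterSpec iv = new IvParameterSpec(nonce);

        Cipher enc = Cipher.getInstance("ChaCha20-Poly1305");
        enc.init(Cipher.ENCRYPT_MODE, key, iv);
        byte[] ct = enc.doFinal("constructed sample".getBytes(StandardCharsets.UTF_8));

        // Encryption: a second init with the same key/nonce pair would
        // reuse the keystream, so the no-reuse policy still applies here.
        try {
            enc.init(Cipher.ENCRYPT_MODE, key, iv);
            System.out.println("ENCRYPT re-init: accepted");
        } catch (GeneralSecurityException e) {
            System.out.println("ENCRYPT re-init: rejected (" + e.getMessage() + ")");
        }

        // Decryption: the same ciphertext may legitimately be decrypted
        // again, which requires the same key/nonce pair on init.
        Cipher dec = Cipher.getInstance("ChaCha20-Poly1305");
        dec.init(Cipher.DECRYPT_MODE, key, iv);
        byte[] first = dec.doFinal(ct);
        try {
            dec.init(Cipher.DECRYPT_MODE, key, iv);
            byte[] second = dec.doFinal(ct);
            System.out.println("DECRYPT re-init: accepted, plaintexts match: "
                    + Arrays.equals(first, second));
        } catch (GeneralSecurityException e) {
            // Expected on a JDK that predates this change.
            System.out.println("DECRYPT re-init: rejected (" + e.getMessage() + ")");
        }
    }
}
```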