RFR: 8330842: Support AES CBC with Ciphertext Stealing (CTS) in SunPKCS11 [v6]
Martin Balao
mbalao at openjdk.org
Thu Jun 6 22:25:13 UTC 2024
On Thu, 6 Jun 2024 21:18:04 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Francisco Ferrari Bihurriet has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Apply code-review suggestion
>>
>> Co-authored-by: Francisco Ferrari <fferrari at redhat.com>
>> Co-authored-by: Martin Balao <mbalao at redhat.com>
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11Cipher.java line 1169:
>
>> 1167: }
>> 1168: if (ciphertextArr != null) {
>> 1169: ciphertextBuf = ByteBuffer.wrap(ciphertextArr);
>
> Can we add a comment here to caution that position may be incorrect (since the offset is not passed to this call) and thus need to always supply an index for reading/writing values to the `ciphertextBuf`?
It's not so much about position being incorrect —`convertCTSVariant` makes no assumptions about it, but could have reset position to the beginning of the last 2 blocks— but that `ciphertextBuf` bytes should not be modified except for the last 2 blocks. I'm okay with adding a comment but I don't see any extension of the `convertCTSVariant` function that could be at risk of having to access anything other than the last 2 blocks.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18898#discussion_r1630335033
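As an added example, not code from the PR or the JDK, the following sketch shows what a `convertCTSVariant`-style routine looks like when it is written to the invariant discussed above: it converts the trailing two blocks of a CBC-CTS ciphertext between the CS1/CS2/CS3 layouts of NIST SP 800-38A Addendum using only absolute `ByteBuffer` accessors, so the buffer's position is never read or moved and no byte outside the last two blocks is written. The class, method and parameter names (`CtsVariantSwapDemo`, `convertCtsVariant`, `start`, `len`) are this example's own assumptions, and the sample ciphertext bytes are constructed, not real AES output.

```java
import java.nio.ByteBuffer;
import java.util.Arrays;

// Added example, not JDK/PR code. Names and the (start, len) convention are
// assumptions of this example. Layouts follow NIST SP 800-38A Addendum:
//   CS1: ..., C(n-2), MSB_d(C(n-1)), C(n)   (truncated block before full block)
//   CS2: CS1 when the final block is full, otherwise the two are swapped
//   CS3: ..., C(n-2), C(n), MSB_d(C(n-1))   (always swapped)
public final class CtsVariantSwapDemo {
    static final int BLOCK = 16;

    enum Variant { CS1, CS2, CS3 }

    // True when the variant stores the truncated (partial) block first.
    static boolean partialFirst(Variant v, int tail) {
        switch (v) {
            case CS1: return true;
            case CS2: return tail == BLOCK;
            default:  return false; // CS3
        }
    }

    /**
     * Convert the last two blocks of a CTS ciphertext in place.
     * Only absolute get(int)/put(int) are used: the buffer's position
     * and limit are never consulted or moved, and bytes outside
     * [start + len - BLOCK - tail, start + len) are never written.
     */
    static void convertCtsVariant(ByteBuffer buf, int start, int len,
                                  Variant from, Variant to) {
        if (len <= BLOCK) {
            throw new IllegalArgumentException("CTS needs more than one block");
        }
        int tail = (len % BLOCK == 0) ? BLOCK : len % BLOCK; // final block size
        if (partialFirst(from, tail) == partialFirst(to, tail)) {
            return; // identical layout, nothing to move
        }
        int regionLen = BLOCK + tail;
        int regionStart = start + len - regionLen;
        byte[] region = new byte[regionLen];
        for (int i = 0; i < regionLen; i++) {
            region[i] = buf.get(regionStart + i);      // absolute read
        }
        // Length of the chunk that currently comes first; it moves to the back.
        int firstLen = partialFirst(from, tail) ? tail : BLOCK;
        byte[] swapped = new byte[regionLen];
        System.arraycopy(region, firstLen, swapped, 0, regionLen - firstLen);
        System.arraycopy(region, 0, swapped, regionLen - firstLen, firstLen);
        for (int i = 0; i < regionLen; i++) {
            buf.put(regionStart + i, swapped[i]);      // absolute write
        }
    }

    // Checks the invariants the review discussion cares about: prefix bytes
    // and position untouched, and a CS1 -> CS3 -> CS1 round trip is identity.
    static boolean demo() {
        byte[] ct = new byte[37];            // 2 full blocks + 5 bytes (constructed)
        for (int i = 0; i < ct.length; i++) ct[i] = (byte) i;
        byte[] original = ct.clone();

        ByteBuffer buf = ByteBuffer.wrap(ct);
        buf.position(7);                     // arbitrary; must survive unchanged

        convertCtsVariant(buf, 0, ct.length, Variant.CS1, Variant.CS3);
        boolean prefixIntact = Arrays.equals(
                Arrays.copyOf(ct, 16), Arrays.copyOf(original, 16));
        boolean positionIntact = buf.position() == 7;
        // CS3 puts the full block C(n) (original bytes 21..36) right after the
        // prefix, followed by the 5 partial-block bytes (original 16..20).
        boolean fullBlockFirst = Arrays.equals(
                Arrays.copyOfRange(ct, 16, 32), Arrays.copyOfRange(original, 21, 37));
        boolean partialLast = Arrays.equals(
                Arrays.copyOfRange(ct, 32, 37), Arrays.copyOfRange(original, 16, 21));

        convertCtsVariant(buf, 0, ct.length, Variant.CS3, Variant.CS1);
        boolean roundTrip = Arrays.equals(ct, original);

        return prefixIntact && positionIntact && fullBlockFirst
                && partialLast && roundTrip;
    }

    public static void main(String[] args) {
        System.out.println("all invariants hold: " + demo());
    }
}
```

Because `convertCtsVariant` takes an explicit `start`/`len` pair and uses only indexed accessors, a caller that wraps an array with `ByteBuffer.wrap(ciphertextArr)` can pass it in without caring where the position happens to be, and a reviewer can verify from the method body alone that nothing before the last two blocks is touched.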