RFR: 8330842: Support AES CBC with Ciphertext Stealing (CTS) in SunPKCS11 [v6]
Valerie Peng
valeriep at openjdk.org
Fri Jun 7 01:55:24 UTC 2024
On Fri, 7 Jun 2024 01:08:40 GMT, Martin Balao <mbalao at openjdk.org> wrote:
>> test/jdk/sun/security/pkcs11/Cipher/TestCipherTextStealingMultipart.java line 139:
>>
>>> 137: byte [] outArray = new byte[cipher.getOutputSize(0) + outOfs];
>>> 138: cipher.doFinal(outArray, outOfs);
>>> 139: actualCiphertextBuf.put(outArray, outOfs, outArray.length - outOfs);
>>
>> Add this offset testing to the decryption part as well?
>
> Ok, I'll add it, but it's not the same for decryption because it's the cipher text that has (potentially) to be reordered and the output buffer will be for plain text. In fact, the reordering is over `padBuffer` (that has the last bytes of cipher text) for decryption.
Thanks, yes, it's not about testing the byte-swapping part, but rather just to make sure the specified offset is correctly handled.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18898#discussion_r1630521236
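
The decryption-side offset check discussed in this thread, as an added example that is not the PR's test code. It assumes the JDK's default provider for `AES/CTS/NoPadding` rather than SunPKCS11, uses a constructed key, IV and plaintext, and the class name is hypothetical.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayOutputStream;
import java.util.Arrays;

public class CtsDecryptOffsetCheck {   // hypothetical class name
    public static void main(String[] args) throws Exception {
        // Constructed inputs: 37 bytes is not a multiple of the 16-byte
        // block size, so the last partial block forces ciphertext stealing.
        byte[] plain = new byte[37];
        for (int i = 0; i < plain.length; i++) plain[i] = (byte) i;
        SecretKeySpec key = new SecretKeySpec(new byte[16], "AES");
        IvParameterSpec iv = new IvParameterSpec(new byte[16]);

        // Assumption: default provider. To exercise SunPKCS11, pass a
        // configured Provider as the second argument to getInstance.
        Cipher enc = Cipher.getInstance("AES/CTS/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, key, iv);
        byte[] ct = enc.doFinal(plain);

        Cipher dec = Cipher.getInstance("AES/CTS/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, key, iv);
        ByteArrayOutputStream recovered = new ByteArrayOutputStream();
        byte[] part = dec.update(ct, 0, ct.length);   // null if everything was buffered
        if (part != null) recovered.write(part);

        // Finish into a guard-filled buffer at a non-zero offset.
        int outOfs = 7;
        byte guard = (byte) 0xA5;
        byte[] out = new byte[dec.getOutputSize(0) + outOfs];
        Arrays.fill(out, guard);
        int n = dec.doFinal(out, outOfs);
        recovered.write(out, outOfs, n);

        // Nothing before the offset or past the returned length may change.
        for (int i = 0; i < outOfs; i++)
            if (out[i] != guard) throw new AssertionError("overwrote byte " + i + " before offset");
        for (int i = outOfs + n; i < out.length; i++)
            if (out[i] != guard) throw new AssertionError("wrote past returned length at " + i);
        if (!Arrays.equals(plain, recovered.toByteArray()))
            throw new AssertionError("plaintext mismatch");
        System.out.println("doFinal honoured the output offset, bytes written: " + n);
    }
}
```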