RFR: 8359388: Stricter checking for cipher transformations [v5]
Sean Mullan
mullan at openjdk.org
Wed Jul 2 19:21:39 UTC 2025
On Wed, 2 Jul 2025 16:31:55 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Based on the javadoc of `javax.crypto.Cipher` class, the cipher transformation should be either "algorithm/mode/padding" or
>> "algorithm". When parsing the transformation, space(s) is trimmed off and empty strings are considered as "unspecified". This PR adds checks to ensure that transformations with empty "mode" and/or "padding" value in the "algorithm/mode/padding" form leads to `NoSuchAlgorithmException`. This reverts some changes made in [https://bugs.openjdk.org/browse/JDK-8358159](https://bugs.openjdk.org/browse/JDK-8358159) which allows empty mode and/or padding in the transformations.
>>
>>
>> Thanks in advance for the review~
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>
> Updated to use List.of() per Sean's comment.
test/jdk/javax/crypto/Cipher/TestEmptyModePadding.java line 27:
> 25: /*
> 26: * @test
> 27: * @bug 8358159 8359388
I think we should remove 8358159 from the bug line, as this is clearly not testing that bugfix anymore.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/25808#discussion_r2180810305
More information about the security-dev
mailing list