Integrated: 8359388: Stricter checking for cipher transformations
Valerie Peng
valeriep at openjdk.org
Mon Jul 7 23:38:44 UTC 2025
On Fri, 13 Jun 2025 17:32:12 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
> Based on the javadoc of `javax.crypto.Cipher` class, the cipher transformation should be either "algorithm/mode/padding" or
> "algorithm". When parsing the transformation, space(s) is trimmed off and empty strings are considered as "unspecified". This PR adds checks to ensure that transformations with empty "mode" and/or "padding" value in the "algorithm/mode/padding" form leads to `NoSuchAlgorithmException`. This reverts some changes made in [https://bugs.openjdk.org/browse/JDK-8358159](https://bugs.openjdk.org/browse/JDK-8358159) which allows empty mode and/or padding in the transformations.
>
>
> Thanks in advance for the review~
This pull request has now been integrated.
Changeset: ec7c6be6
Author: Valerie Peng <valeriep at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/ec7c6be6a9e84c8cd2077fea07930592ddd13669
Stats: 100 lines in 2 files changed: 45 ins; 15 del; 40 mod
8359388: Stricter checking for cipher transformations
Reviewed-by: mullan
-------------
PR: https://git.openjdk.org/jdk/pull/25808
More information about the security-dev
mailing list