RFR: 8359388: Stricter checking for cipher transformations [v3]
Valerie Peng
valeriep at openjdk.org
Wed Jun 18 06:17:50 UTC 2025
> Based on the javadoc of `javax.crypto.Cipher` class, the cipher transformation should be either "algorithm/mode/padding" or
> "algorithm". When parsing the transformation, space(s) is trimmed off and empty strings are considered as "unspecified". This PR adds checks to ensure that transformations with empty "mode" and/or "padding" value in the "algorithm/mode/padding" form leads to `NoSuchAlgorithmException`. This reverts some changes made in [https://bugs.openjdk.org/browse/JDK-8358159](https://bugs.openjdk.org/browse/JDK-8358159) which allows empty mode and/or padding in the transformations.
>
>
> Thanks in advance for the review~
Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
remove the extra ";" as suggested
Co-authored-by: Mikhail Yankelevich <mikhailyankelevich at gmail.com>
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/25808/files
- new: https://git.openjdk.org/jdk/pull/25808/files/8d8640c6..0cb41982
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=25808&range=02
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=25808&range=01-02
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
Patch: https://git.openjdk.org/jdk/pull/25808.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/25808/head:pull/25808
PR: https://git.openjdk.org/jdk/pull/25808
More information about the security-dev
mailing list