RFR: 8366833: Poly1305 does not always correctly update position for array-backed ByteBuffers after processMultipleBlocks [v2]
Ferenc Rakoczi
duke at openjdk.org
Thu Sep 4 08:44:45 UTC 2025
On Thu, 4 Sep 2025 06:16:05 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:
>> This fix resolves an issue where the `Cipher.updateAAD(ByteBuffer)` method, when used on a ChaCha20-Poly1305 Cipher, may throw an exception due to an offset calculation error. This occurs when the ByteBuffer is array-backed, and when the buffer passed into the method is a slice of another array-backed buffer and that slice begins at a non-zero offset in the parent ByteBuffer.
>>
>> Credit and thanks to @jaikiran for finding the issue and providing reproducer code.
>
> Jamil Nimeh has updated the pull request incrementally with one additional commit since the last revision:
>
> Remove unneeded comments
test/jdk/com/sun/crypto/provider/Cipher/ChaCha20/UpdateAADTest.java line 115:
> 113:
> 114: try {
> 115: cipher.updateAAD(buffer);
Shouldn't we also check that the cipher's state is what we expected after this update?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27081#discussion_r2321298530
More information about the security-dev
mailing list