RFR: 8366833: Poly1305 does not always correctly update position for array-backed ByteBuffers after processMultipleBlocks [v4]

Matthew Donovan mdonovan at openjdk.org
Fri Sep 5 15:37:12 UTC 2025


On Thu, 4 Sep 2025 15:26:02 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:

>> This fix resolves an issue where the `Cipher.updateAAD(ByteBuffer)` method, when used on a ChaCha20-Poly1305 Cipher, may throw an exception due to an offset calculation error.  This occurs when the ByteBuffer is array-backed, and when the buffer passed into the method is a slice of another array-backed buffer and that slice begins at a non-zero offset in the parent ByteBuffer.
>> 
>> Credit and thanks to @jaikiran for finding the issue and providing reproducer code.
>
> Jamil Nimeh has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Fix typo in exception message

test/jdk/com/sun/crypto/provider/Cipher/ChaCha20/UpdateAADTest.java line 56:

> 54: 
> 55:     public static void main(final String[] args) throws Exception {
> 56:         ByteBuffer twoKBuf = ByteBuffer.allocate(2048);

Is it relevant to include a test case for MemorySegment-backed ByteBuffers?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/27081#discussion_r2325420966


More information about the security-dev mailing list