<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body>
<p>Oh, one other thing in case you weren't talking about this in the
context of Cipher and instead were talking about the
AlgorithmParameters object itself. If that's all you've got in
scope one approach is to call
getParameterSpec(IvParameterSpec.class).getIV(); That will give
you the byte array as well. Now that I think about it, I should
probably do that in my test code because I went and manually
parsed the DER encoding. :) Glad you brought it up.<br>
</p>
<p>--Jamil<br>
</p>
<div class="moz-cite-prefix">On 12/7/2020 5:39 PM, Jamil Nimeh
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:651186a8-76d6-d5b7-d959-f52eb8a838ab@oracle.com">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<p>Hi Bernd, it's not a stupid question at all. I think what you
might be looking for is Cipher.getIV()? In the case of
ChaCha20-Poly1305, that method returns the nonce as a byte array
where getParameters() returns an AlgorithmParameters object
where the encoding is consistent with RFC 8103.</p>
<p>But both getParameters() and getIV() were doing the wrong thing
(chucking NPE) when they should've either come up with a random
param or null, respectively when in a pre-initialized state.<br>
</p>
<p>--Jamil<br>
</p>
<div class="moz-cite-prefix">On 12/7/2020 5:19 PM, Bernd Eckenfels
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:AM6PR03MB438990A3BF049D5107CA6FD1FFCD0@AM6PR03MB4389.eurprd03.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<div dir="ltr" data-ogsc="" style="">
<div>
<div>BTW stupid - somewhat related - question, why does the
nonce to be parsed out of a DER blob, shouldn’t there be
an getter on the Parameter Spec object? Many protocols
would need the raw array, is there a matching spec - or
should we add one?</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">Gruss</div>
<div dir="ltr">Bernd</div>
<div class="ms-outlook-ios-signature"
id="ms-outlook-mobile-signature">
<div style="direction: ltr">-- </div>
<div style="direction: ltr"><a
class="moz-txt-link-freetext"
href="http://bernd.eckenfels.net"
moz-do-not-send="true">http://bernd.eckenfels.net</a></div>
</div>
</div>
</div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt"
face="Calibri, sans-serif" color="#000000"><b>Von:</b>
security-dev <a class="moz-txt-link-rfc2396E"
href="mailto:security-dev-retn@openjdk.java.net"
moz-do-not-send="true"><security-dev-retn@openjdk.java.net></a>
im Auftrag von Jamil Nimeh <a class="moz-txt-link-rfc2396E"
href="mailto:jnimeh@openjdk.java.net"
moz-do-not-send="true"><jnimeh@openjdk.java.net></a><br>
<b>Gesendet:</b> Monday, December 7, 2020 9:05:16 PM<br>
<b>An:</b> <a class="moz-txt-link-abbreviated"
href="mailto:security-dev@openjdk.java.net"
moz-do-not-send="true">security-dev@openjdk.java.net</a> <a
class="moz-txt-link-rfc2396E"
href="mailto:security-dev@openjdk.java.net"
moz-do-not-send="true"><security-dev@openjdk.java.net></a><br>
<b>Betreff:</b> Re: RFR: 8257769: Cipher.getParameters()
throws NPE for ChaCha20-Poly1305 [v2]</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span
style="font-size:11pt;">
<div class="PlainText">On Mon, 7 Dec 2020 19:53:27 GMT,
Valerie Peng <a class="moz-txt-link-rfc2396E"
href="mailto:valeriep@openjdk.org"
moz-do-not-send="true"><valeriep@openjdk.org></a>
wrote:<br>
<br>
>> Jamil Nimeh has updated the pull request
incrementally with one additional commit since the last
revision:<br>
>> <br>
>> pre-init getParameters nonce data is now a
local variable<br>
><br>
>
src/java.base/share/classes/com/sun/crypto/provider/ChaCha20Cipher.java
line 232:<br>
> <br>
>> 230: // this call should cause a
random nonce to be generated, but<br>
>> 231: // not attached to the object.<br>
>> 232: byte[] nonceData = initialized
? nonce : createRandomNonce(null);<br>
> <br>
> The "initialized" variable is set to false in
engineDoFinal() call. So, if users call getParameters()
after finish cipher operation, this will return random
nonces instead of the one used in previous doFinal
operation. Will this be a little un-intuitive?<br>
<br>
Unintuitive is a charitable way to put it. After
doFinal the Cipher technically isn't in an uninitialized
state per the spec, it's supposed to be in the state it
would be immediately following init(). So the wrong
behavior would happen in this use case. Will fix.<br>
<br>
-------------<br>
<br>
PR: <a
href="https://git.openjdk.java.net/jdk/pull/1644"
moz-do-not-send="true">https://git.openjdk.java.net/jdk/pull/1644</a><br>
</div>
</span></font></div>
</blockquote>
</blockquote>
</body>
</html>