RFR: 8248268: Support KWP in addition to KW [v3]
Valerie Peng
valeriep at openjdk.java.net
Thu Mar 25 23:58:26 UTC 2021
On Tue, 23 Mar 2021 18:47:32 GMT, Greg Rubin <github.com+829871+SalusaSecondus at openjdk.org> wrote:
>> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Changed AlgorithmParameters impls to register under AES/KW/NoPadding and
>> AES/KWP/NoPadding
>
> src/java.base/share/classes/com/sun/crypto/provider/AESKeyWrap.java line 193:
>
>> 191: if (!Arrays.equals(ivOut, 0, ICV1.length, this.iv, 0, ICV1.length)) {
>> 192: throw new IllegalBlockSizeException("Integrity check failed");
>> 193: }
>
> It feels like an odd asymmetry that we validate the IV upon decryption in `AESKeyWrap` but the IV is prepended in `KeyWrapCipher.writeIvSemiBlock`. I'm worried that by separating this logic like this it is easier for us to get it wrong (or break it in the future).
Hmm, another alternative is to move this logic to the underlying key wrap impl, i.e. AESKeyWrap and AESKeyWrapPadded, and start saving data after the first 8-byte in KeyWrapCipher class.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2404
More information about the security-dev
mailing list