archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 15:24:43 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8271745: Correct block size for KW,KWP mode and use fixed IV for KWP mode for SunJCE

Browse source 
Reviewed-by: xuelei, mullan
This commit is contained in:
Valerie Peng 2021-09-01 22:17:49 +00:00
parent 2f01a6f8b6
commit 1a5a2b6b15
3 changed files with 194 additions and 131 deletions
Download patch file Download diff file Expand all files Collapse all files

11
src/java.base/share/classes/com/sun/crypto/provider/AESKeyWrapPadded.java
View file

@ -26,6 +26,7 @@
package com.sun.crypto.provider;
import java.util.Arrays;
import java.util.HexFormat;
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
@ -132,12 +133,14 @@ class AESKeyWrapPadded extends FeedbackCipher {
if (key == null) {
throw new InvalidKeyException("Invalid null key");
}
if (iv != null && iv.length != ICV2.length) {
throw new InvalidAlgorithmParameterException("Invalid IV length");
// allow setting an iv but if non-null, must equal to ICV2
if (iv != null && !Arrays.equals(iv, ICV2)) {
HexFormat hf = HexFormat.of().withUpperCase();
throw new InvalidAlgorithmParameterException("Invalid IV, got 0x" +
hf.formatHex(iv) + " instead of 0x" + hf.formatHex(ICV2));
}
embeddedCipher.init(decrypting, algorithm, key);
// iv is retrieved from IvParameterSpec.getIV() which is already cloned
this.iv = (iv == null? ICV2 : iv);
this.iv = ICV2;
}
/**