JDK-8305091: Change ChaCha20 cipher init behavior to match AES-GCM

Details

    • b24
    • Verified

    Description

      The ChaCha20 and ChaCha20-Poly1305 cipher implementations in SunJCE implement key and nonce reuse protection. This means that a key and nonce may not be used across two subsequent Cipher.init calls. However, in AES-GCM we do allow key/nonce reuse when the cipher is in DECRYPT_MODE in order to be able to reuse a Cipher object to decrypt the information it has encrypted, or for use in protocols where one may be decrypting multiple ciphertexts that may be the result of retransmissions (e.g. DTLS).

      Currently ChaCha20 does not allow decrypt-mode Cipher objects to reuse the key and nonce, but it should. Fixing this issue will have ChaCha20 and ChaCha20-Poly1305 init behavior conform to the same rules that AES-GCM does.
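
      A probe for the init rules described above, as an added example that is not code from the JDK project or from this issue: it reports whether a second Cipher.init with the same key and nonce is accepted in each mode, for AES-GCM and ChaCha20-Poly1305. The class and method names (NonceReuseProbe, reinitAccepted, report) are hypothetical, and the ChaCha20-Poly1305 decrypt result depends on whether the running JDK includes this fix.

```java
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

// Added illustration; names are hypothetical, not part of the JDK.
public class NonceReuseProbe {
    // Constructed sample plaintext; key and nonce are random per run.
    static final byte[] MSG = "constructed sample record".getBytes();

    // True if a second init with the same key and nonce is accepted in `mode`.
    static boolean reinitAccepted(String xform, SecretKey key,
            AlgorithmParameterSpec spec, int mode) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(xform);
        c.init(Cipher.ENCRYPT_MODE, key, spec);
        byte[] ct = c.doFinal(MSG);
        if (mode == Cipher.DECRYPT_MODE) {
            // First decryption on a fresh object, before the repeated init.
            c = Cipher.getInstance(xform);
            c.init(Cipher.DECRYPT_MODE, key, spec);
            c.doFinal(ct);
        }
        try {
            c.init(mode, key, spec);      // same key and nonce again
        } catch (GeneralSecurityException e) {
            return false;                 // reuse protection rejected the init
        }
        // In decrypt mode, confirm the repeated ciphertext still authenticates.
        return mode == Cipher.ENCRYPT_MODE || Arrays.equals(c.doFinal(ct), MSG);
    }

    static void report(String xform, SecretKey key, AlgorithmParameterSpec spec)
            throws GeneralSecurityException {
        System.out.printf("%-18s encrypt re-init: %b, decrypt re-init: %b%n", xform,
            reinitAccepted(xform, key, spec, Cipher.ENCRYPT_MODE),
            reinitAccepted(xform, key, spec, Cipher.DECRYPT_MODE));
    }

    public static void main(String[] args) throws Exception {
        byte[] k = new byte[32], n = new byte[12];
        SecureRandom rnd = new SecureRandom();
        rnd.nextBytes(k);
        rnd.nextBytes(n);
        report("AES/GCM/NoPadding", new SecretKeySpec(k, "AES"), new GCMParameterSpec(128, n));
        report("ChaCha20-Poly1305", new SecretKeySpec(k, "ChaCha20"), new IvParameterSpec(n));
    }
}
```

      Encrypt-mode re-init should be rejected for both algorithms; the decrypt-mode column is where ChaCha20-Poly1305 differs from AES-GCM on a JDK without this change.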

            People

              jnimeh Jamil Nimeh