Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8366833

Poly1305 does not always correctly update position for array-backed ByteBuffers after processMultipleBlocks

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: P3 P3
    • None
    • None
    • security-libs
    • None
    • Fix Understood
    • 20

      In cases where Cipher.updateAAD() is called using a ByteBuffer that is a slice, and the size of the slice is a sub-range of the parent ByteBuffer, the offset being used to update the position of the buffer after Poly1305.processMultipleBlocks() is called can sometimes cause an IllegalArgumentException. This happens when the internally calculated new position is greater than the slice's limit. This only occurs on ByteBuffers that are backed by an array.

      The exception trace looks something like this:
      java.lang.IllegalArgumentException: newPosition > limit: (2042 > 1024)
      at java.base/java.nio.Buffer.createPositionException(Buffer.java:351)
      at java.base/java.nio.Buffer.position(Buffer.java:326)
      at java.base/java.nio.ByteBuffer.position(ByteBuffer.java:1576)
      at java.base/com.sun.crypto.provider.Poly1305.processMultipleBlocks(Poly1305.java:268)
      at java.base/com.sun.crypto.provider.Poly1305.engineUpdate(Poly1305.java:131)
      at java.base/com.sun.crypto.provider.ChaCha20Cipher.engineUpdateAAD(ChaCha20Cipher.java:501)
      at java.base/javax.crypto.Cipher.updateAAD(Cipher.java:2776)

            jnimeh Jamil Nimeh
            jnimeh Jamil Nimeh
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: