-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P3
-
Affects Version/s: 20
-
Component/s: security-libs
-
None
-
b16
In cases where Cipher.updateAAD() is called using a ByteBuffer that is a slice, and the size of the slice is a sub-range of the parent ByteBuffer, the offset being used to update the position of the buffer after Poly1305.processMultipleBlocks() is called can sometimes cause an IllegalArgumentException. This happens when the internally calculated new position is greater than the slice's limit. This only occurs on ByteBuffers that are backed by an array.
The exception trace looks something like this:
java.lang.IllegalArgumentException: newPosition > limit: (2042 > 1024)
at java.base/java.nio.Buffer.createPositionException(Buffer.java:351)
at java.base/java.nio.Buffer.position(Buffer.java:326)
at java.base/java.nio.ByteBuffer.position(ByteBuffer.java:1576)
at java.base/com.sun.crypto.provider.Poly1305.processMultipleBlocks(Poly1305.java:268)
at java.base/com.sun.crypto.provider.Poly1305.engineUpdate(Poly1305.java:131)
at java.base/com.sun.crypto.provider.ChaCha20Cipher.engineUpdateAAD(ChaCha20Cipher.java:501)
at java.base/javax.crypto.Cipher.updateAAD(Cipher.java:2776)
The exception trace looks something like this:
java.lang.IllegalArgumentException: newPosition > limit: (2042 > 1024)
at java.base/java.nio.Buffer.createPositionException(Buffer.java:351)
at java.base/java.nio.Buffer.position(Buffer.java:326)
at java.base/java.nio.ByteBuffer.position(ByteBuffer.java:1576)
at java.base/com.sun.crypto.provider.Poly1305.processMultipleBlocks(Poly1305.java:268)
at java.base/com.sun.crypto.provider.Poly1305.engineUpdate(Poly1305.java:131)
at java.base/com.sun.crypto.provider.ChaCha20Cipher.engineUpdateAAD(ChaCha20Cipher.java:501)
at java.base/javax.crypto.Cipher.updateAAD(Cipher.java:2776)
- caused by
-
JDK-8297379 Enable the ByteBuffer path of Poly1305 optimizations
-
- Resolved
-
- links to
-
Commit(master)
openjdk/jdk/3eb3e0dc
-
Review(master)
openjdk/jdk/27081