Re: [9]RFR 6946830: javax.crypto.Cipher.doFinal behavior differs depending on platform
I like the new update. Thanks! Xuelei On 9/23/2016 5:59 AM, Valerie Peng wrote: Ok, I think this should be better: http://cr.openjdk.java.net/~valeriep/6946830/webrev.01/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11Cipher.java.sdiff.html Made some minor changes for clean up as well. Thanks, Valerie On 9/19/2016 6:20 PM, Xuelei Fan wrote: P11Cipher.java -- line 775 and 850: The code looks special to me. Is it possible/better to check the range before the call to PKCS11 decryption function? Xuelei On 9/20/2016 5:11 AM, Valerie Peng wrote: Anyone has time to review this trivial fix? This is a corner case of decrypting with 0-length data. Some provider throws exception but some just returns (no-op). For less impact, I changed all to match SunJCE provider's behavior which just returns. Bug: https://bugs.openjdk.java.net/browse/JDK-6946830 Webrev: http://cr.openjdk.java.net/~valeriep/6946830/webrev.00/ Thanks, Valerie
Re: [9]RFR 6946830: javax.crypto.Cipher.doFinal behavior differs depending on platform
Ok, I think this should be better: http://cr.openjdk.java.net/~valeriep/6946830/webrev.01/src/jdk.crypto.pkcs11/share/classes/sun/security/pkcs11/P11Cipher.java.sdiff.html Made some minor changes for clean up as well. Thanks, Valerie On 9/19/2016 6:20 PM, Xuelei Fan wrote: P11Cipher.java -- line 775 and 850: The code looks special to me. Is it possible/better to check the range before the call to PKCS11 decryption function? Xuelei On 9/20/2016 5:11 AM, Valerie Peng wrote: Anyone has time to review this trivial fix? This is a corner case of decrypting with 0-length data. Some provider throws exception but some just returns (no-op). For less impact, I changed all to match SunJCE provider's behavior which just returns. Bug: https://bugs.openjdk.java.net/browse/JDK-6946830 Webrev: http://cr.openjdk.java.net/~valeriep/6946830/webrev.00/ Thanks, Valerie
Re: [9]RFR 6946830: javax.crypto.Cipher.doFinal behavior differs depending on platform
P11Cipher.java -- line 775 and 850: The code looks special to me. Is it possible/better to check the range before the call to PKCS11 decryption function? Xuelei On 9/20/2016 5:11 AM, Valerie Peng wrote: Anyone has time to review this trivial fix? This is a corner case of decrypting with 0-length data. Some provider throws exception but some just returns (no-op). For less impact, I changed all to match SunJCE provider's behavior which just returns. Bug: https://bugs.openjdk.java.net/browse/JDK-6946830 Webrev: http://cr.openjdk.java.net/~valeriep/6946830/webrev.00/ Thanks, Valerie