On Mon, 19 Jul 2021 23:41:49 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> If decryption fails with a bad auth tag, the in is not overwritten because >> it's in-place. Encryption is not needed because there is nothing to check. >> I can add a comment. > > Hmm ok, so if it's not decryption in-place, then output buffer would still be > zero'ed when the auth tag failed, but this is ok? This is able in-place, not about two separate buffers.. zeroing happens somewhere else for all decryption bad buffers ------------- PR: https://git.openjdk.java.net/jdk/pull/4019
