On Thu, 22 Jul 2021 18:36:16 GMT, Anthony Scarpino <ascarp...@openjdk.org> wrote:

>> Hmm ok, so if it's not decryption in-place, then output buffer would still 
>> be zero'ed when the auth tag failed, but this is ok?
>
> This is about in-place, not about two separate buffers. Zeroing happens 
> somewhere else for all decryption bad buffers

Yes, I know. Basically, we are trying to optimize performance by trying to 
write into the supplied buffers (out) as much as we can. But then when tag 
verification failed, the "written" bytes are erased w/ 0. Ideal case would be 
not to touch the output buffer until after the tag verification succeeds. Isn't 
this the previous approach? Verify the tag first and then write out the plain 
text afterwards.

-------------

PR: https://git.openjdk.java.net/jdk/pull/4019
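
The behaviour discussed in this message can be observed from the caller's side with the standard JCA API. The following is an added example, not code from the PR or from the JDK: it decrypts into a separate output buffer pre-filled with a sentinel, forces a tag failure, and reports what the provider left in that buffer. The class name, the sentinel value and the sample plaintext are assumptions made for illustration.

```java
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
import java.util.Arrays;

// Added example (hypothetical class name); sample data is constructed.
public class GcmBadTagOutputCheck {
    static final byte SENTINEL = 0x5A;       // differs from 0 and from the plaintext byte

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);

        byte[] pt = new byte[4096];          // constructed plaintext
        Arrays.fill(pt, (byte) 'A');

        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = enc.doFinal(pt);         // ciphertext followed by the 16-byte tag
        ct[ct.length - 1] ^= 0x01;           // corrupt the tag so verification must fail

        byte[] out = new byte[ct.length];    // separate (not in-place) output buffer
        Arrays.fill(out, SENTINEL);

        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
        try {
            dec.doFinal(ByteBuffer.wrap(ct), ByteBuffer.wrap(out));
            System.out.println("UNEXPECTED: corrupted tag was accepted");
        } catch (AEADBadTagException e) {
            System.out.println("tag rejected; " + classify(out, pt));
        }
    }

    // Counts what the provider left in the caller's buffer after the failure.
    static String classify(byte[] out, byte[] pt) {
        int untouched = 0, zeroed = 0, plaintext = 0;
        for (int i = 0; i < pt.length; i++) {
            if (out[i] == SENTINEL) untouched++;
            else if (out[i] == 0) zeroed++;
            else if (out[i] == pt[i]) plaintext++;
        }
        return "untouched=" + untouched + " zeroed=" + zeroed + " plaintext=" + plaintext;
    }
}
```

A nonzero `plaintext` count means unauthenticated plaintext stayed visible in the caller's buffer after the exception; `untouched` versus `zeroed` distinguishes verify-then-write from write-then-erase.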
