On Tue, 24 Aug 2021 01:33:42 GMT, Valerie Peng <valer...@openjdk.org> wrote:
> Could someone help review this straight forward change? During the
> interoperability testing with PKCS11 KW/KWP support, it is noticed that
> SunJCE provider used the wrong block size (AES: 16) when padding is needed
> for KW mode. With KW, KWP modes, data block size is multiples of 8-byte, so
> the padding should pad data to multiples of 8 bytes instead of 16. In
> addition, although PKCS#11 v3.0 states the IV for KWP mode is 4-byte, NSS's
> implementation would silently ignore the specified IVs. Thus, for max
> interoperability, it seems safer to change SunJCE provider to always use the
> same default IV and disallow custom IVs for KWP mode, at least for now.
> Regression test is enhanced to test more scenarios.
>
> Thanks,
> Valerie
src/java.base/share/classes/com/sun/crypto/provider/KeyWrapCipher.java line 237:
> 235: @Override
> 236: protected int engineGetBlockSize() {
> 237: return 8;
Line 186 still says:
`* symmetric cipher whose block size must be 128-bit`
Should that also be updated?
-------------
PR: https://git.openjdk.java.net/jdk/pull/5236
