On Tue, 1 Dec 2020 22:53:10 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Anthony Scarpino has updated the pull request incrementally with five
>> additional commits since the last revision:
>>
>> - test updates
>> - test check mixup
>> - Overlap protection
>> - Updated code comments, all tests pass
>> - Updated code comments, all tests pass
>
> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java
> line 514:
>
>> 512: checkDataLength(inLen, getBufferedLength());
>> 513: ArrayUtil.nullAndBoundsCheck(in, inOfs, inLen);
>> 514:
>
> How about checking out, outOfs with ArrayUtil.nullAndBoundsCheck(...) call? I
> saw one below, but there are already prior calls writing into out. Existing
> impl checks it before writing data into it.
Yes, I'll add it back in.. I wanted to change it so it would verify correctly
output length rather than inLen, which is not necessarily right given there is
ibuffer available. Maybe Ill try to do that in a later update.
> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java
> line 580:
>
>> 578:
>> 579: // Encrypt the remaining blocks inside of 'in'
>> 580: if (len > 0) {
>
> Shouldn't this be 'inLen' instead of 'len'?
Yes, that appears to be right
-------------
PR: https://git.openjdk.java.net/jdk/pull/411
