On Tue, 23 Mar 2021 19:57:44 GMT, Greg Rubin <github.com+829871+salusasecon...@openjdk.org> wrote:
>> Valerie Peng has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Changed AlgorithmParameters impls to register under AES/KW/NoPadding and >> AES/KWP/NoPadding > > src/java.base/share/classes/com/sun/crypto/provider/AESKeyWrapPadded.java > line 246: > >> 244: int outLen = validateIV(ivAndLen, this.iv); >> 245: // check padding bytes >> 246: int padLen = ctLen - outLen; > > Can we add an explicit check that `0 <= padLen < SEMI_BLKSIZE`? Sure, good idea. ------------- PR: https://git.openjdk.java.net/jdk/pull/2404
