On Fri, 16 Jul 2021 00:10:52 GMT, Anthony Scarpino <ascarp...@openjdk.org>
wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java
>> line 992:
>>
>>> 990: */
>>> 991: byte[] overlapDetection(byte[] in, int inOfs, byte[] out, int
>>> outOfs) {
>>> 992: if (in == out && (!encryption || inOfs < outOfs)) {
>>
>> So, we will always allocate an output buffer for decryption if in==out? Why
>> just decryption? Update the javadoc for this method with the reason?
>
> If the crypto is decryption in-place, an internal output buffer is needed in
> case the auth tag fails, otherwise the input buffer would be zero'ed.
If decryption fails with a bad auth tag, the in is not overwritten because it's
in-place. Encryption is not needed because there is nothing to check. I can
add a comment.
-------------
PR: https://git.openjdk.java.net/jdk/pull/4019
