Avoid overlapping buffers in native ChaCha20 #758
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
keithc-ca
requested changes
Feb 21, 2024
closed/src/java.base/share/classes/com/sun/crypto/provider/NativeChaCha20Cipher.java
Show resolved
Hide resolved
jasonkatonica
force-pushed
the
katonica/issue18703/overlappingbuffers
branch
from
605cb86 to
c267d3d
Compare
When using the ChaCha20 algorithms and an input and output buffer overlaps we should ensure that a copy of the input buffer is made before encrypting or decrypting. This ensures that OpenSSL is able to process this data. OpenSSL does not allow for overlapping input and output buffers when performing operations on data for the ChaCha20 algorithm. The values returned when getting the output size for a crypto operation were also found to be incorrect. This update matches the logic that is within the ChaCha20Cipher.java file for calculating the output sizes. Encoded key material was found to be left in memory under the right conditions. This memory should be zeroed to avoid a copy of the key from residing in memory for longer than necessary. This addition was noticed when comparing the NativeChaCha20Cipher class to the ChaCha20Cipher class. The method getEncodedKey now will zero out the copy of the key before throwing an exception. Each of these changes fix the two failing tests reported in issue [18703](eclipse-openj9/openj9#18703). Signed-off-by: Jason Katonica <[email protected]>
jasonkatonica
force-pushed
the
katonica/issue18703/overlappingbuffers
branch
from
c267d3d to
ecec125
Compare
keithc-ca
approved these changes
Feb 21, 2024
|
Jenkins compile zlinux jdk11 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When using the ChaCha20 algorithms and an input
and output buffer overlaps we should ensure that
a copy of the input buffer is made before
encrypting or decrypting. This ensures that
OpenSSL is able to process this data. OpenSSL
does not allow for overlapping input and output
buffers when performing operations on data for the ChaCha20 algorithm.
The values returned when getting the output
size for a crypto operation were also found to be
incorrect. This update matches the logic that is
within the ChaCha20Cipher.java file for
calculating the output sizes.
Encoded key material was found to be left in
memory under the right conditions. This memory
should be zeroed to avoid a copy of the key from
residing in memory for longer than necessary.
This addition was noticed when comparing the
NativeChaCha20Cipher class to the ChaCha20Cipher
class. The method getEncodedKey now will zero out
the copy of the key before throwing an exception.
Each of these changes fix the two failing tests
reported in issue 18703.