Details

    • Subcomponent:
    • Resolved In Build:
      b113
    • Verification:
      Verified

      Backports

        Description

        CipherInputStream (and probably CipherOutputStream) don't take into account additional authenticated data in GCM mode.

          Issue Links

            Activity

            Hide
            hgupdate HG Updates added a comment -
            URL: http://hg.openjdk.java.net/jdk8/jdk8/jdk/rev/3da8be8d13bf
            User: lana
            Date: 2013-10-22 17:23:08 +0000
            Show
            hgupdate HG Updates added a comment - URL: http://hg.openjdk.java.net/jdk8/jdk8/jdk/rev/3da8be8d13bf User: lana Date: 2013-10-22 17:23:08 +0000
            Hide
            tidu Tim Du (Inactive) added a comment -
            The affected testcases still failed in aurora nightly:
            RULE jce/Cipher/AEAD/JDK_8012900 Exception java.lang.Exception: A decryption has been perfomed successfully in spite of the decrypt Cipher has been initialized with fake AAD

            Batch link:
            http://aurora.ru.oracle.com/functional/faces/RunDetails.xhtml?names=312446.CORELIBS-JDK8-NIGHTLY-SQE-4

            Log:
            http://aurora-ds.us.oracle.com:9500/runs%2F312446.CORELIBS-JDK8-NIGHTLY-SQE-4/results/ResultDir/JDK_8012900/JDK_8012900.log
            Show
            tidu Tim Du (Inactive) added a comment - The affected testcases still failed in aurora nightly: RULE jce/Cipher/AEAD/JDK_8012900 Exception java.lang.Exception: A decryption has been perfomed successfully in spite of the decrypt Cipher has been initialized with fake AAD Batch link: http://aurora.ru.oracle.com/functional/faces/RunDetails.xhtml?names=312446.CORELIBS-JDK8-NIGHTLY-SQE-4 Log: http://aurora-ds.us.oracle.com:9500/runs%2F312446.CORELIBS-JDK8-NIGHTLY-SQE-4/results/ResultDir/JDK_8012900/JDK_8012900.log
            Hide
            rhalade Rajan Halade added a comment -
            Bug was re-opened by mistake. This bug is pending verification.
            Show
            rhalade Rajan Halade added a comment - Bug was re-opened by mistake. This bug is pending verification.
            Hide
            valeriep Valerie Peng added a comment -
            Can you please attach the failed SQE test, i.e. jce/Cipher/AEAD/JDK_8012900? When I tried to access the aurora report on the src of the failed test, it gives me a HTTP 500 file not found error http://aurora-ds.us.oracle.com:9502/core-libs-testbase-local/8_int/src/jce/Cipher/AEAD/JDK_8012900
            Show
            valeriep Valerie Peng added a comment - Can you please attach the failed SQE test, i.e. jce/Cipher/AEAD/JDK_8012900? When I tried to access the aurora report on the src of the failed test, it gives me a HTTP 500 file not found error http://aurora-ds.us.oracle.com:9502/core-libs-testbase-local/8_int/src/jce/Cipher/AEAD/JDK_8012900
            Hide
            valeriep Valerie Peng added a comment - - edited
            The underlying Cipher object should throw AEADBadTagException when fake AAD is supplied. However, CipherInput/OutputStream classes would swallow all non-IOException as its javadoc has been specified. Thus, you won't observe any exception. The only indication of a decryption failure is that the recovered text is empty.

            Personally, I find this only-IOException-are-passed-through behavior potentially confusing. But that's what the javadoc has. Note that this also means that when decrypting data with corrupted padding bytes, partial data are returned. Not sure about the reason for the current spec. But that's how it is unless we change the spec.
            Show
            valeriep Valerie Peng added a comment - - edited The underlying Cipher object should throw AEADBadTagException when fake AAD is supplied. However, CipherInput/OutputStream classes would swallow all non-IOException as its javadoc has been specified. Thus, you won't observe any exception. The only indication of a decryption failure is that the recovered text is empty. Personally, I find this only-IOException-are-passed-through behavior potentially confusing. But that's what the javadoc has. Note that this also means that when decrypting data with corrupted padding bytes, partial data are returned. Not sure about the reason for the current spec. But that's how it is unless we change the spec.

              People

              • Assignee:
                valeriep Valerie Peng
                Reporter:
                afomin Alexander Fomin (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: