Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8157603

TestCipher.java doesn't check one of the decrypted message as expected

    Details

    • Subcomponent:
    • Introduced In Build:
      b81
    • Introduced In Version:
      9
    • Resolved In Build:
      b123

      Backports

        Description

        In this file:
        http://hg.openjdk.java.net/jdk9/dev/jdk/file/0b2d0cf231c7/test/com/sun/crypto/provider/Cipher/TestCipher.java

        Decryption is performed into INPUT_TEXT (lines 194-197).

                // Recover text from cipher and save to same buffer
                ci.update(INPUT_TEXT, STORAGE_OFFSET, TEXT_LEN + PAD_LEN, INPUT_TEXT,
                        ENC_OFFSET);
                ci.doFinal(INPUT_TEXT, ENC_OFFSET);

        But check that decryption went well is performed on another buffer - recoveredText (lines 199 -206):

                if (!equalsBlock(
                        plainText, ENC_OFFSET, recoveredText, 0,
                        recoveredText.length)) {
                    throw new RuntimeException(
                            "Recovered text not same as plain text with same buffer");
                } else {
                    out.println("Recovered and plain text are same with same buffer");
                }

          Issue Links

            Activity

            Hide
            asmotrak Artem Smotrakov added a comment -
            Just to be clear - the check in lines 199 -206 is correct. But it duplicates a check 185-192. So lines 199 -206 needs to be updated to use INPUT_TEXT. This issue should affect all tests which are based on TestCipher. Good catch!
            Show
            asmotrak Artem Smotrakov added a comment - Just to be clear - the check in lines 199 -206 is correct. But it duplicates a check 185-192. So lines 199 -206 needs to be updated to use INPUT_TEXT. This issue should affect all tests which are based on TestCipher. Good catch!
            Hide
            akosarev Artem Kosarev added a comment - - edited
            There was also a problem that length for encrypted message was calculated based on some assumptions: TEXT_LEN + PAD_LEN. That is not working for all the scenarios.
            I believe that relying on values returned by methods Cipher.update & Cipher.doFinal of previous encryption is proper way.
            Show
            akosarev Artem Kosarev added a comment - - edited There was also a problem that length for encrypted message was calculated based on some assumptions: TEXT_LEN + PAD_LEN. That is not working for all the scenarios. I believe that relying on values returned by methods Cipher.update & Cipher.doFinal of previous encryption is proper way.
            Show
            rhalade Rajan Halade added a comment - Review request - http://mail.openjdk.java.net/pipermail/security-dev/2016-June/014039.html
            Hide
            hgupdate HG Updates added a comment -
            URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/bf910aef39d4
            User: asmotrak
            Date: 2016-06-07 15:54:07 +0000
            Show
            hgupdate HG Updates added a comment - URL: http://hg.openjdk.java.net/jdk9/dev/jdk/rev/bf910aef39d4 User: asmotrak Date: 2016-06-07 15:54:07 +0000
            Hide
            hgupdate HG Updates added a comment -
            URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/bf910aef39d4
            User: lana
            Date: 2016-06-15 19:03:40 +0000
            Show
            hgupdate HG Updates added a comment - URL: http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/bf910aef39d4 User: lana Date: 2016-06-15 19:03:40 +0000

              People

              • Assignee:
                akosarev Artem Kosarev
                Reporter:
                akosarev Artem Kosarev
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: