8143945: Better GCM validation

Reviewed-by: xuelei, mullan
Anthony Scarpino 2015-12-21 10:43:40 -08:00
parent 0edc09be0c
commit fc6a5d3bd2


@ -512,11 +512,17 @@ final class GaloisCounterMode extends FeedbackCipher {
byte[] sOut = new byte[s.length];
GCTR gctrForSToTag = new GCTR(embeddedCipher, this.preCounterBlock);
gctrForSToTag.doFinal(s, 0, s.length, sOut, 0);
// check entire authentication tag for time-consistency
int mismatch = 0;
for (int i = 0; i < tagLenBytes; i++) {
if (tag[i] != sOut[i]) {
throw new AEADBadTagException("Tag mismatch!");
}
mismatch |= tag[i] ^ sOut[i];
}
if (mismatch != 0) {
throw new AEADBadTagException("Tag mismatch!");
}
return len;
}
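Review bot: The comment above the comparison loop, `// check entire authentication tag for time-consistency`, does not say why the loop must not exit early, which is the property a later cleanup is most likely to undo. The page has lost its +/- markers, but the accumulating form (`mismatch |= tag[i] ^ sOut[i]` with one check after the loop) appears to be the new side, replacing the per-byte `throw`. I would expand the comment to something like `// Constant-time compare: visit every tag byte and decide once after the loop; an early exit would reveal the position of the first wrong byte through timing.` The loop indexes `sOut` up to `tagLenBytes`, so it relies on `tagLenBytes <= s.length`, which is established outside this hunk and deserves a short note as well. The enclosing method starts outside the hunk, so whether any output is produced before this check cannot be judged from here.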