From 9d44dd0cca620ef8e16e0c4306e6e54d8de6d1e8 Mon Sep 17 00:00:00 2001 From: Volodymyr Paprotski Date: Fri, 20 Jan 2023 19:51:28 +0000 Subject: [PATCH] 8297972: Poly1305 Endianness on ByteBuffer not enforced Reviewed-by: jnimeh --- .../security/util/math/intpoly/IntegerPolynomial1305.java | 3 +++ .../com/sun/crypto/provider/Poly1305IntrinsicFuzzTest.java | 7 ++----- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial1305.java b/src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial1305.java index c473663e512..5015d186d37 100644 --- a/src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial1305.java +++ b/src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial1305.java @@ -127,6 +127,8 @@ public final class IntegerPolynomial1305 extends IntegerPolynomial { @Override protected void encode(ByteBuffer buf, int length, byte highByte, long[] result) { + ByteOrder currOrder = buf.order(); + buf.order(ByteOrder.LITTLE_ENDIAN); if (length == 16) { long low = buf.getLong(); long high = buf.getLong(); @@ -134,6 +136,7 @@ public final class IntegerPolynomial1305 extends IntegerPolynomial { } else { super.encode(buf, length, highByte, result); } + buf.order(currOrder); } protected void encode(long high, long low, byte highByte, long[] result) { diff --git a/test/jdk/com/sun/crypto/provider/Cipher/ChaCha20/unittest/java.base/com/sun/crypto/provider/Poly1305IntrinsicFuzzTest.java b/test/jdk/com/sun/crypto/provider/Cipher/ChaCha20/unittest/java.base/com/sun/crypto/provider/Poly1305IntrinsicFuzzTest.java index dba3dcdacef..dd10e42083a 100644 --- a/test/jdk/com/sun/crypto/provider/Cipher/ChaCha20/unittest/java.base/com/sun/crypto/provider/Poly1305IntrinsicFuzzTest.java +++ b/test/jdk/com/sun/crypto/provider/Cipher/ChaCha20/unittest/java.base/com/sun/crypto/provider/Poly1305IntrinsicFuzzTest.java @@ -103,20 +103,17 @@ public class Poly1305IntrinsicFuzzTest { authenticator.engineUpdate(message, offset, len); break; case 1: // ByteArray with backing array - buf = ByteBuffer.wrap(message, offset, len) - .order(java.nio.ByteOrder.LITTLE_ENDIAN); + buf = ByteBuffer.wrap(message, offset, len); authenticator.engineUpdate(buf); break; case 2: // ByteArray with backing array (non-zero position) buf = ByteBuffer.wrap(message, 0, len+offset) - .order(java.nio.ByteOrder.LITTLE_ENDIAN) .position(offset); authenticator.engineUpdate(buf); break; case 3: // ByteArray without backing array (wont be sent to intrinsic) buf = ByteBuffer.wrap(message, offset, len) - .asReadOnlyBuffer() - .order(java.nio.ByteOrder.LITTLE_ENDIAN); + .asReadOnlyBuffer(); authenticator.engineUpdate(buf); break; }