> At ABA we have been working on a clean room implementation of
> the JCE API, and have come across a situation where a cipher
> class has been asked to encrypt a zero length array. Specifically
> Cipher.update() has been called with a zero length array. The
> documentation is a little unclear as to how the Cipher class
> will behave here and I'm expecting that it will just pass the
> call onto the CipherSpi class to deal with. Unfortunately that
> means that each SPI class has to include code to deal with all
> the pathalogical cases.
>
> So my question do the various Cipher.update() methods check for
> things like in.length == 0 or just pass the arguments along
> unchecked?
Cipher.update() currently does the following sanity checks:
update(byte[] input)
// Input sanity check
if (input == null) {
throw new IllegalArgumentException("null input buffer");
}
update(byte[] input, int inputOffset, int inputLen)
// Input sanity check
if (input == null || inputOffset < 0
|| inputLen > (input.length - inputOffset) || inputLen < 0) {
throw new IllegalArgumentException("Bad arguments");
}
if (inputLen == 0) {
return null;
}
In the case of "update(byte[] input)", I am going to add the following check:
if (input.length == 0)
return null;
This will make it consistent with the "update" method
that takes an "offset" and "length".
Since all these checks are done at the API level (before the
corresponding SPI method is called), you do not have to implement
them in your SPI subclass.
Jan