RFR(L): 8069539: RSA acceleration
Florian Weimer
fweimer at redhat.com
Mon Mar 23 13:59:46 UTC 2015
On 03/20/2015 11:45 PM, Viswanathan, Sandhya wrote:
> Hi Florian,
>
> My thoughts on this are as follows:
>
> BigInteger.squareToLen is a private method and not a public method.
> The length calculation code in Java version of this method does not have the overflow check and the intrinsic follows the Java code.
>
> private static final int[] squareToLen(int[] x, int len, int[] z) {
> ...
> int zlen = len << 1;
> if (z == null || z.length < zlen)
> z = new int[zlen];
> ...
> }
The difference is that the Java code will still perform the bounds
checks on each array access, I think, so even if zlen turns out negative
(and thus no reallocation happens), damage from out-of-bounds accesses
will be non-existent.
> Also the underlying array in BigInteger cannot be greater than MAX_MAG_LENGTH which is defined as:
>
> private static final int MAX_MAG_LENGTH = Integer.MAX_VALUE / Integer.SIZE + 1; // (1 << 26)
>
> So zlen calculation cannot overflow as int array x and its length len is coming from a BigInteger array.
Maybe can you add this as a comment to the intrinsic? I think this
would be a useful addition, especially if at some point in the future,
someone else uses your code as a template to implement their own intrinsic.
> Similarly mulAdd is a package private method and its inputs are allocated or verified at call sites.
Same here.
--
Florian Weimer / Red Hat Product Security
More information about the hotspot-compiler-dev
mailing list