RFR: 8267125: AES Galois CounterMode (GCM) interleaved implementation using AVX512 + VAES instructions [v4]

Valerie Peng valeriep at openjdk.java.net
Thu Jul 22 22:44:07 UTC 2021


On Thu, 22 Jul 2021 18:36:16 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:

>> Hmm ok, so if it's not decryption in-place, then output buffer would still be zero'ed when the auth tag failed, but this is ok?
>
> This is able in-place, not about two separate buffers.. zeroing happens somewhere else for all decryption bad buffers

Yes, I know. Basically, we are trying to optimize performance by trying to write into the supplied buffers (out) as much as we can. But then when tag verification failed, the "written" bytes are erased w/ 0. Ideal case would be not to touch the output buffer until after the tag verification succeeds. Isn't this the previous approach? Verify the tag first and then write out the plain text afterwards.

-------------

PR: https://git.openjdk.java.net/jdk/pull/4019


More information about the hotspot-compiler-dev mailing list