RFR JDK-8000415: Add support for SHA-3

Seán Coffey sean.coffey at oracle.com
Fri May 13 16:00:08 UTC 2016


Valerie,

Some comments on supportability of the new code. Some handling could be 
improved to contain context, perhaps:

sun/security/provider/SHA3.java
+        if (numOfPadding < 1) {
+            throw new ProviderException("Incorrect pad size");
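
Review bot: The `numOfPadding < 1` branch throws with the fixed text "Incorrect pad size", which does not say which bound was violated. State the expected minimum next to the offending value, for example "Incorrect pad size: " + numOfPadding + ", expected at least 1", so a failure report is diagnosable from the message alone.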

Can we print the numOfPadding value?


+    private static long[][] bytes2Lanes(byte[] s) {
+        if (s.length != WIDTH) {
+            throw new ProviderException("Error: incorrect input size");
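
Review bot: The message in the `s.length != WIDTH` branch of bytes2Lanes starts with "Error: ", unlike "Incorrect pad size" in the other check, and the prefix adds nothing inside a ProviderException. Drop it and report both sides of the comparison, for example "Incorrect input size: " + s.length + ", expected " + WIDTH.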

Can we print the relevant values of interest?

On the test front, are you planning to update these tests to cater for 
the new SHA-3 algorithms?

./pkcs11/MessageDigest/DigestKAT.java
./provider/MessageDigest/DigestKAT.java

Regards,
Sean.

On 05/05/16 03:08, Valerie Peng wrote:
> Hi,
>
> Can someone help reviewing the changes for SHA-3?
>
> The result has been validated against the NIST test vectors (for 
> BYTE-ONLY impls, i.e. input which are multiples of bytes).
> The feature complete date is coming up in a week or two. So, if this 
> can be reviewed in a week or so, that'd be great.
>
> The changes for SUN providers are quite straight-forward, e.g. SHA-3 
> digest impls based on FIPS PUB 202.
> As for OracleUcrypto provider, Solaris SHA-3 support is through new 
> libucrypto digest APIs (added in Solaris 12) instead of the libmd.
> When running on Solaris 12, the new libucrypto APIs will be used. 
> Otherwise, libmd will be used.
> Changes for OracleUcrypto providers:
> - add JNI code for the new libucrypto digest APIs
> - code refactoring, e.g. move the libmd-related code to classes with 
> MD suffix
> - run-time mechanism number assignment (used to be hardcoded values)
> - better error reporting
>
> RFE: https://bugs.openjdk.java.net/browse/JDK-8000415
> Webrev: http://cr.openjdk.java.net/~valeriep/8000415/webrev.00/
>
> Thanks,
> Valerie
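
A known-answer check of the kind asked about for the DigestKAT tests, written as an added example; it is not code from the webrev or from the JDK test suite. The class name `Sha3KatSketch` is hypothetical, the "SHA3-256" algorithm name assumes a JDK that ships SHA-3 (9 or later), and the filler messages are constructed. It also compares one-shot and byte-at-a-time digests for lengths around the 136-byte SHA3-256 block size, where the pad-size handling is exercised (135 bytes leaves exactly one pad byte).

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;

public class Sha3KatSketch {
    // Published SHA3-256 known answers for the empty message and "abc".
    static final String[][] KAT = {
        {"",    "a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a"},
        {"abc", "3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532"},
    };

    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        MessageDigest md = MessageDigest.getInstance("SHA3-256");

        // 1. Known-answer tests: a mismatch reports both values for context.
        for (String[] kat : KAT) {
            String got = hex(md.digest(kat[0].getBytes(StandardCharsets.US_ASCII)));
            if (!got.equals(kat[1])) {
                throw new AssertionError("KAT mismatch for \"" + kat[0]
                        + "\": expected " + kat[1] + ", got " + got);
            }
        }

        // 2. Block-boundary consistency: the SHA3-256 rate is 136 bytes, so
        //    these lengths need 1, 136, 135 and 136 bytes of padding.
        for (int len : new int[] {135, 136, 137, 272}) {
            byte[] msg = new byte[len];
            Arrays.fill(msg, (byte) 0xa3);   // constructed filler input
            byte[] oneShot = md.digest(msg);
            for (byte b : msg) {
                md.update(b);                // feed one byte at a time
            }
            byte[] streamed = md.digest();
            if (!Arrays.equals(oneShot, streamed)) {
                throw new AssertionError("one-shot/streamed mismatch at length " + len);
            }
        }
        System.out.println("SHA3-256 checks passed");
    }
}
```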
