RFR: ChaCha20 and ChaCha20/Poly1305 Cipher implementations

Thomas Lußnig lussnig at suche.org
Wed Apr 11 14:18:37 UTC 2018


Hi,

i found another point. The "key" field can be removed from ChaCha20Cipher.
1) This field is only set once and later checked if it was initialized.
      But we do not want to knew is the key exists but if key bytes exists.
2) So if two lines are changed from key to keyBytes we can remove this 
unused field.


Gruß Thomas

http://cr.openjdk.java.net/~jnimeh/reviews/8153028/webrev.02/src/java.base/share/classes/com/sun/crypto/provider/ChaCha20Cipher.java.html
Lines 426 , 461 (change to keyBytes)
     if (key == null
Line 75+507 (remove)
     private Key key;
     this.key = key;


On 4/11/2018 12:34 AM, Jamil Nimeh wrote:
> Hello everyone,
>
> This is a quick update to the previous webrev:
>
> * When using the form of engineInit that does only takes op, key and 
> random, the nonce will always be random even if the random parameter 
> is null.  A default instance of SecureRandom will be used to create 
> the nonce in this case, instead of all zeroes.
>
> * Unused debug code was removed from the ChaCha20Cipher.java file
>
> * ChaCha20Parameters.engineToString no longer obtains the line 
> separator from a System property directly.  It calls 
> System.lineSeparator() similar to how other AlgorithmParameter classes 
> in com.sun.crypto.provider do it.
>
> http://cr.openjdk.java.net/~jnimeh/reviews/8153028/webrev.02/
>
> Thanks,
>
> --Jamil
>
>
> On 03/26/2018 12:08 PM, Jamil Nimeh wrote:
>> Hello all,
>>
>> This is a request for review for the ChaCha20 and ChaCha20-Poly1305 
>> cipher implementations.  Links to the webrev and the JEP which 
>> outlines the characteristics and behavior of the ciphers are listed 
>> below.
>>
>> http://cr.openjdk.java.net/~jnimeh/reviews/8153028/webrev.01/
>> http://openjdk.java.net/jeps/329
>>
>> Thanks,
>> --Jamil
>


More information about the security-dev mailing list