RFR: 8253821: Improve ByteBuffer performance with GCM [v5]
Valerie Peng
valeriep at openjdk.java.net
Tue Dec 1 23:21:11 UTC 2020
On Thu, 26 Nov 2020 02:14:40 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:
>> 8253821: Improve ByteBuffer performance with GCM
>
> Anthony Scarpino has updated the pull request incrementally with five additional commits since the last revision:
>
> - test updates
> - test check mixup
> - Overlap protection
> - Updated code comments, all tests pass
> - Updated code comments, all tests pass
src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 557:
> 555: // If a block or more was encrypted from 'buffer' only, but the
> 556: // rest of 'buffer' with 'in' could not construct a block, then
> 557: // put the rest if 'buffer' back into ibuffer.
typo: if => of
src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 539:
> 537: // Construct and encrypt a block if there is enough 'buffer' and
> 538: // 'in' to make one
> 539: if ((inLen + remainder) >= blockSize) {
This big block of code is only needed when (remainder != 0), right?
src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 554:
> 552: ibuffer.reset();
> 553: // Code below will write the remainder from 'in' to ibuffer
> 554: } else if (blen > 0) {
Instead of blen >0, maybe you meant remainder > 0?
src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 514:
> 512: checkDataLength(inLen, getBufferedLength());
> 513: ArrayUtil.nullAndBoundsCheck(in, inOfs, inLen);
> 514:
How about checking out, outOfs with ArrayUtil.nullAndBoundsCheck(...) call? I saw one below, but there are already prior calls writing into out. Existing impl checks it before writing data into it.
src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 580:
> 578:
> 579: // Encrypt the remaining blocks inside of 'in'
> 580: if (len > 0) {
Shouldn't this be 'inLen' instead of 'len'?
src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 657:
> 655: */
> 656: int decrypt(byte[] in, int inOfs, int len, byte[] out, int outOfs) {
> 657: checkDataLength(ibuffer.size(), len);
Just curious, why remove this checkDataLength(...) call? Seems inconsistent to other methods?
-------------
PR: https://git.openjdk.java.net/jdk/pull/411
More information about the security-dev
mailing list