RFR: 8253821: Improve ByteBuffer performance with GCM [v2]

Valerie Peng valeriep at openjdk.java.net
Mon Oct 12 21:01:15 UTC 2020


On Thu, 8 Oct 2020 01:22:09 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:

>> src/java.base/share/classes/com/sun/crypto/provider/AESCipher.java line 744:
>> 
>>> 742:                 } else {
>>> 743:                     return core.doFinal(input, output);
>>> 744:                 }
>> 
>> It seems this block is the only difference between this method and CipherSpi.bufferCrypt(). Have you considered moving
>> this special handling to the overridden engineDoFinal(...) method and not duplicating the whole CipherSpi.bufferCrypt()
>> method here? BTW, instead of using the generic update/doFinal name and then commenting them for GCM usage only, perhaps
>> it's more enticing to name them as gcmUpdate/gcmDoFinal?
>
> I didn't see a way to override this because CipherSpi is a public class, any methods I added would become a new API.
>  Also bufferCrypt is private, so I had to copy it.  CipherSpi does not know which mode is being used, but AESCipher
>  does.  Maybe I'm missing something, I'd rather it not be a copy, but I couldn't see a better way. If you have a
>  specific idea, please give me details.

How about overriding
protected int engineDoFinal(ByteBuffer input, ByteBuffer output) throws ... {
    if (core.getMode() == CipherCore.GCM_MODE && !input.hasArray()) {
        // call your own optimized byte buffer code path
    } else {
        super.engineDoFinal(input, output);
    }
}

Would this work? If yes, then no need to duplicate the whole bufferCrypt() method.

-------------

PR: https://git.openjdk.java.net/jdk/pull/411



More information about the security-dev mailing list