RFR: 8267125: AES Galois CounterMode (GCM) interleaved implementation using AVX512 + VAES instructions [v4]

Anthony Scarpino ascarpino at openjdk.java.net
Thu Jul 22 18:34:11 UTC 2021


On Tue, 20 Jul 2021 01:35:04 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> Smita Kamath has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   Updated AES-GCM intrinsic to match latest Java Code
>
> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 762:
> 
>> 760: 
>> 761:             dst.put(out, 0, rlen);
>> 762:             processed += srcLen;
> 
> It seems that callers of this implGCMCrypt() method such as GCMEngine.doLastBlock() add the returned value to the "processed" field, which looks like double counting? However, some callers such as GCMEncrypt.doUpdate() do not. Seems inconsistent and may lead to a wrong value for the "processed" field?

All the callers that use GCMOperations, i.e. op.update(...), have the processed value updated. implGCMCrypt() calls op.update() and updates the value. It cannot double count; 'processed' is not updated after implGCMCrypt(). I can see your point, but the other methods do not have access to 'processed', and it would mean I copy that line 3 times elsewhere. I'd rather keep it as is.

-------------

PR: https://git.openjdk.java.net/jdk/pull/4019