RFR: 8267125: AES Galois CounterMode (GCM) interleaved implementation using AVX512 + VAES instructions [v4]

Valerie Peng valeriep at openjdk.java.net
Fri Jul 30 20:19:37 UTC 2021


On Thu, 22 Jul 2021 17:57:13 GMT, Anthony Scarpino <ascarpino at openjdk.org> wrote:

>> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 761:
>> 
>>> 759:             }
>>> 760: 
>>> 761:             dst.put(out, 0, rlen);
>> 
>> This looks belong to the above if-block? I wonder how this have not affected the operation to fail. Perhaps the existing regression tests did not cover the 'rlen < blockSize' case. If the code in the above if-block is not run, this outsize dst.put(...) call would put extra output bytes into the output buffer.
>
> Yes... this one and the ct offset problem earlier I would have expected the regression test it pick the mistake.  There should be tests that catch this.. I'm not sure what's up.

This shall be addressed in next update I assume?

-------------

PR: https://git.openjdk.java.net/jdk/pull/4019



More information about the security-dev mailing list