RFR: 8248268: Support KWP in addition to KW [v10]
Valerie Peng
valeriep at openjdk.java.net
Wed Jun 2 18:12:33 UTC 2021
On Wed, 2 Jun 2021 17:52:07 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> This change updates SunJCE provider as below:
>> - updated existing AESWrap support with AES/KW/NoPadding cipher transformation.
>> - added support for AES/KWP/NoPadding and AES/KW/PKCS5Padding.
>>
>> Existing AESWrap impl, i.e. AESWrapCipher class, is re-factored and renamed to KeyWrapCipher class. The W and W_inverse functions are moved to KWUtil class. The KW and KWP support are in the new AESKeyWrap and AESKeyWrapPadded classes which extend FeedbackCipher and used in KeyWrapCipher class. To minimize data copying, AESKeyWrap and AESKeyWrapPadded will do the crypto operation over the same input buffer which is allocated and managed by KeyWrapCipher class.
>>
>> Also note that existing AESWrap impl does not take IV. However, the corresponding PKCS#11 mechanisms do, so I added support for accepting IVs to both KW and KWP.
>>
>> Thanks,
>> Valerie
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>
> Add AESWrapPad alias for AES with KWP mode for better interoperability and updated tests accordingly.
Hi Mike,
Lastly, regarding the naming, I am not too inclined toward the AES/KW/KWPPadding suggestion since the general concept of padding is that it's general, not mode-specific and are applied before data is processed by crypto operations. The mode can just process data without knowing whether padding is applied as long as the data has the right length. Thus, I'd keep KWP as a mode which does internal padding instead of a generic padding scheme. The AutoPadding suggestion is interesting and can be easily built on top of KW and KWP modes if desired.
Thanks for the feedbacks,
Valerie
-------------
PR: https://git.openjdk.java.net/jdk/pull/2404
More information about the security-dev
mailing list