RFR: 8255557: Decouple GCM from CipherCore [v4]
Anthony Scarpino
ascarpino at openjdk.java.net
Wed Jun 2 19:13:09 UTC 2021
On Fri, 21 May 2021 00:03:40 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Anthony Scarpino has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Fix perf problem by reorganizing doLastBlock()
>
> src/java.base/share/classes/com/sun/crypto/provider/GaloisCounterMode.java line 1437:
>
>> 1435: } catch (ArrayIndexOutOfBoundsException aiobe) {
>> 1436: throw new ShortBufferException("Output buffer invalid");
>> 1437: }
>
> I think this should be moved to the very beginning before all the processing and if the output capacity is less than 'len-tagLenBytes' value, then no need to proceed? IIRC, the save/restore is more for algorithms which use padding, may not be needed for GCM?
I had this down here because it's not needed until gctr ops are done and ghash doesn't use an output, but I can move it up.
I remember Sean C having to do save/restore work for GCM. The tag can create similar padding issues. It felt safe to keep it.
-------------
PR: https://git.openjdk.java.net/jdk/pull/4072
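The up-front capacity check discussed above, as an added example that is not code from the PR or the JDK: it is written against the public javax.crypto API rather than the provider internals, computes the required output size before any GCM processing, and fails with ShortBufferException while the cipher state is still untouched. The class, helper name, tag length and sample plaintext are assumptions for the demo.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.GCMParameterSpec;

public class GcmOutputCheck {
    static final int TAG_LEN_BYTES = 16; // assumed tag length; 128 bits is the usual choice
    // Hypothetical helper: reject a too-small output buffer before any GCM work. For one
    // doFinal, getOutputSize(len) is len + tag (encrypt) or len - tag (decrypt).
    static int doFinalChecked(Cipher c, byte[] in, int inOff, int len,
                              byte[] out, int outOff) throws GeneralSecurityException {
        int needed = c.getOutputSize(len);
        if (out.length - outOff < needed) {
            // Fail before the cipher consumes input, so nothing needs restoring.
            throw new ShortBufferException("Output buffer too small: need "
                    + needed + ", have " + (out.length - outOff));
        }
        return c.doFinal(in, inOff, len, out, outOff);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        GCMParameterSpec spec = new GCMParameterSpec(TAG_LEN_BYTES * 8, iv);
        byte[] pt = "constructed sample plaintext".getBytes(StandardCharsets.UTF_8);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, key, spec);
        byte[] ct = new byte[pt.length + TAG_LEN_BYTES];
        doFinalChecked(enc, pt, 0, pt.length, ct, 0);
        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, key, spec);
        byte[] tooSmall = new byte[ct.length - TAG_LEN_BYTES - 1]; // one byte short
        try {
            doFinalChecked(dec, ct, 0, ct.length, tooSmall, 0);
        } catch (ShortBufferException e) {
            System.out.println("rejected up front: " + e.getMessage());
        }
        // The failed call consumed no input, so the same instance now decrypts cleanly.
        byte[] recovered = new byte[ct.length - TAG_LEN_BYTES];
        doFinalChecked(dec, ct, 0, ct.length, recovered, 0);
        System.out.println(new String(recovered, StandardCharsets.UTF_8));
    }
}
```

Cipher.getOutputSize is documented as an upper bound on the next doFinal output, so the check is conservative and never lets a call through that could overrun the buffer.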