RFR: 8248268: Support KWP in addition to KW [v4]
Valerie Peng
valeriep at openjdk.java.net
Sat Mar 27 00:25:09 UTC 2021
> This change updates SunJCE provider as below:
> - updated existing AESWrap support with AES/KW/NoPadding cipher transformation.
> - added support for AES/KWP/NoPadding and AES/KW/PKCS5Padding.
>
> Existing AESWrap impl, i.e. AESWrapCipher class, is re-factored and renamed to KeyWrapCipher class. The W and W_inverse functions are moved to KWUtil class. The KW and KWP support are in the new AESKeyWrap and AESKeyWrapPadded classes which extend FeedbackCipher and used in KeyWrapCipher class. To minimize data copying, AESKeyWrap and AESKeyWrapPadded will do the crypto operation over the same input buffer which is allocated and managed by KeyWrapCipher class.
>
> Also note that existing AESWrap impl does not take IV. However, the corresponding PKCS#11 mechanisms do, so I added support for accepting IVs to both KW and KWP.
>
> Thanks,
> Valerie
Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
Refactor code to reduce code duplication
Address review comments
Add more test vectors
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/2404/files
- new: https://git.openjdk.java.net/jdk/pull/2404/files/c90fdb1e..e4fd6ea2
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=2404&range=03
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=2404&range=02-03
Stats: 465 lines in 6 files changed: 202 ins; 107 del; 156 mod
Patch: https://git.openjdk.java.net/jdk/pull/2404.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/2404/head:pull/2404
PR: https://git.openjdk.java.net/jdk/pull/2404
More information about the security-dev
mailing list