RFR: 8248268: Support KWP in addition to KW [v7]

Valerie Peng valeriep at openjdk.java.net
Fri May 14 00:33:12 UTC 2021 

> This change updates SunJCE provider as below:
> - updated existing AESWrap support with AES/KW/NoPadding cipher transformation. 
> - added support for AES/KWP/NoPadding and AES/KW/PKCS5Padding.
> 
> Existing AESWrap impl, i.e. AESWrapCipher class, is re-factored and renamed to KeyWrapCipher class. The W and W_inverse functions are moved to KWUtil class. The KW and KWP support are in the new AESKeyWrap and AESKeyWrapPadded classes which extend FeedbackCipher and used in KeyWrapCipher class. To minimize data copying, AESKeyWrap and AESKeyWrapPadded will do the crypto operation over the same input buffer which is allocated and managed by KeyWrapCipher class. 
> 
> Also note that existing AESWrap impl does not take IV. However, the corresponding PKCS#11 mechanisms do, so I added support for accepting IVs to both KW and KWP.
> 
> Thanks,
> Valerie

Valerie Peng has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains seven commits:

 - Merge master into JDK-8248268
 - Minor update to address review comments.
 - Changed AESParameters to allow 4-byte, 8-byte IVs and removed
   KWParameters and KWPParameters.
 - Refactor code to reduce code duplication
   Address review comments
   Add more test vectors
 - Changed AlgorithmParameters impls to register under AES/KW/NoPadding and
   AES/KWP/NoPadding
 - Restored Iv algorithm parameters impl.
 - 8248268: Support KWP in addition to KW
   
   Updated existing AESWrap support with AES/KW/NoPadding cipher
   transformation. Added support for AES/KWP/NoPadding and
   AES/KW/PKCS5Padding support to SunJCE provider.

-------------

Changes: https://git.openjdk.java.net/jdk/pull/2404/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=2404&range=06
  Stats: 2592 lines in 16 files changed: 1930 ins; 555 del; 107 mod
  Patch: https://git.openjdk.java.net/jdk/pull/2404.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/2404/head:pull/2404

PR: https://git.openjdk.java.net/jdk/pull/2404

More information about the security-dev mailing list