RFR: 8255557: Decouple GCM from CipherCore
Anthony Scarpino
ascarpino at openjdk.java.net
Mon May 17 21:36:42 UTC 2021
On Mon, 17 May 2021 19:28:04 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Hi,
>>
>> I need a review of this rather large change to GCM. GCM will no longer use CipherCore and AESCrypt to handle its buffers and other objects. It is also a major code redesign that limits the amount of data copies and makes some performance-based decisions.
>>
>> Thanks
>>
>> Tony
>
> src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java line 240:
>
>> 238: // "com.sun.crypto.provider.GaloisCounterMode$AESGCM", null, attrs);
>> 239: ps("Cipher", "AES/GCM/NoPadding",
>> 240: "com.sun.crypto.provider.GaloisCounterMode$AESGCM", null, attrs);
>
> Why does this one use AESGCM but the rest use AES128, AES192, AES256? Maybe just AES?

It's part of the getInstance() provider selection. In AESCipher it does the same thing with CBC, ECB, etc., but the AESCipher.General is used. Because this is the only AES mode specified that is not using General and outside AESCipher, it had to be implemented separately.
-------------
PR: https://git.openjdk.java.net/jdk/pull/4072