RFR: 8294248: Use less limbs for P256 in EC implementation [v4]

Xue-Lei Andrew Fan xuelei at openjdk.org
Sat Dec 3 06:02:15 UTC 2022


On Wed, 30 Nov 2022 19:44:00 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:

> > Please add a test that verifies that the worst case calculation still produces correct results. That is:
> > 
> > * build a number where the limb values are as high as possible (2^(numLimbs*bitsPerLimb)-1, or something close)
> > * sum that number with itself until numAdds = maxAdds
> > * square the result
> > * compare the result with the same calculations on BigInteger
> 
> It makes sense to me. I would like to have an improvement in FieldGen.java instead, so that no illegal params could be set. Let's see if I could make it before integration of this patch.

The FieldGen.java improvement is not a small patch. It's on my plan, but it may not be something right for JDK 20 as the deadline is approaching. I will see if it is possible for JDK 21. Close this PR for now. I will open it again if the FieldGen.java gets improved. @djelinski Thank you for your time and extremely helpful feedback.

-------------

PR: https://git.openjdk.org/jdk/pull/10398
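The worst-case check the reviewer asks for (max limbs, repeated self-addition up to maxAdds, square, compare with BigInteger), as an added stand-alone Java model that is not code from the PR, the JDK's IntegerPolynomial classes, or either participant; NUM_LIMBS, BITS_PER_LIMB and MAX_ADDS are placeholder assumptions, not the values used by the patch, and the square is an unreduced schoolbook model rather than the JDK's reducing implementation.

```java
import java.math.BigInteger;
import java.util.Arrays;

// Stand-alone model of the review's worst-case check (added example, not JDK code).
// NUM_LIMBS, BITS_PER_LIMB and MAX_ADDS are placeholders, not the patch's values.
public final class WorstCaseLimbCheck {
    static final int NUM_LIMBS = 10, BITS_PER_LIMB = 26, MAX_ADDS = 2;  // assumptions

    // Unreduced limb vector value: sum of limbs[i] * 2^(i * bitsPerLimb).
    static BigInteger toBigInteger(long[] limbs, int bitsPerLimb) {
        BigInteger v = BigInteger.ZERO;
        for (int i = limbs.length - 1; i >= 0; i--) {
            v = v.shiftLeft(bitsPerLimb).add(BigInteger.valueOf(limbs[i]));
        }
        return v;
    }

    // Schoolbook square with no carry or reduction. Math.addExact/multiplyExact throw
    // ArithmeticException on long overflow, the failure a too-small limb count or
    // too-large maxAdds would cause in the real limb arithmetic.
    static long[] squareExact(long[] a) {
        long[] r = new long[2 * a.length - 1];
        for (int i = 0; i < a.length; i++) {
            for (int j = 0; j < a.length; j++) {
                r[i + j] = Math.addExact(r[i + j], Math.multiplyExact(a[i], a[j]));
            }
        }
        return r;
    }

    // The four review steps: every limb at 2^bits - 1, add the original to the
    // running sum maxAdds times, square, compare with BigInteger. True when the
    // limb arithmetic neither overflows nor disagrees with BigInteger.
    static boolean worstCaseSquareMatches(int numLimbs, int bitsPerLimb, int maxAdds) {
        long[] x = new long[numLimbs];
        Arrays.fill(x, (1L << bitsPerLimb) - 1);
        long[] acc = x.clone();
        try {
            for (int k = 0; k < maxAdds; k++) {
                for (int i = 0; i < numLimbs; i++) {
                    acc[i] = Math.addExact(acc[i], x[i]);
                }
            }
            BigInteger expected = toBigInteger(acc, bitsPerLimb).pow(2);
            return toBigInteger(squareExact(acc), bitsPerLimb).equals(expected);
        } catch (ArithmeticException overflow) {
            return false;  // a long limb overflowed: the configuration is unsafe
        }
    }
}
```

A jtreg-style test would call worstCaseSquareMatches with the field's real numLimbs, bitsPerLimb and maxAdds and fail on false; shrinking the limb count or raising maxAdds far enough makes the overflow branch fire, which is the regression the review wants guarded.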
