RFR: 8320192: SHAKE256 does not work correctly if n >= 137

Mark Powers mpowers at openjdk.org
Thu Nov 16 22:46:36 UTC 2023 

On Thu, 16 Nov 2023 20:45:29 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> When blocksize is less than digest output length, call `keccak` more.

Looks good. I only found trivial things. A comment describing `squeezeOffset` would help.

src/java.base/share/classes/sun/security/provider/DigestBase.java line 144:

> 142:     }
> 143: 
> 144:         // compress complete blocks

Indentation problem.

src/java.base/share/classes/sun/security/provider/SHA3.java line 102:

> 100:     }
> 101: 
> 102:      void finishAbsorb() {

One extra space of indentation.

src/java.base/share/classes/sun/security/provider/SHAKE128.java line 39:

> 37:     // if this constructor is used to get an instance of the class, then, after the last update,
> 38:     // one can get the generated bytes using the squeezing methods
> 39:     // calling digest method will throw a ProviderException

These should be complete sentences capital letters and periods.

src/java.base/share/classes/sun/security/provider/SHAKE256.java line 32:

> 30: public final class SHAKE256 extends SHA3 {
> 31:     // d is the required number of output bytes
> 32:     // if this constructor is used with d > 0, the squeezing methods will throw a ProviderException

These should be complete sentences capital letters and periods.

src/java.base/share/classes/sun/security/provider/SHAKE256.java line 39:

> 37:     // if this constructor is used to get an instance of the class, then, after the last update,
> 38:     // one can get the generated bytes using the squeezing methods
> 39:     // calling a digest method will throw a ProviderException

These should be complete sentences capital letters and periods.

-------------

Marked as reviewed by mpowers (Committer).

PR Review: https://git.openjdk.org/jdk/pull/16698#pullrequestreview-1735586966
PR Review Comment: https://git.openjdk.org/jdk/pull/16698#discussion_r1396448860
PR Review Comment: https://git.openjdk.org/jdk/pull/16698#discussion_r1396384245
PR Review Comment: https://git.openjdk.org/jdk/pull/16698#discussion_r1396421367
PR Review Comment: https://git.openjdk.org/jdk/pull/16698#discussion_r1396420740
PR Review Comment: https://git.openjdk.org/jdk/pull/16698#discussion_r1396387588

More information about the security-dev mailing list