RFR: 8320192: SHAKE256 does not work correctly if n >= 137 [v4]
Valerie Peng
valeriep at openjdk.org
Mon Nov 20 22:17:05 UTC 2023
On Mon, 20 Nov 2023 13:57:58 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> When blocksize is less than digest output length, call `keccak` more.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> minimize code changes
Changes look fine. The synopsis should be updated as this is about SHAKE128? In addition, now that the digest output can be variable-length, it'd be good to update the comment for the `private void keccak() `method since the capacity c is not twice of digest length as in the case of SHA-3.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/16698#issuecomment-1819889428
More information about the security-dev
mailing list