RFR: 8330842: Support AES CBC with Ciphertext Stealing (CTS) in SunPKCS11 [v4]
Valerie Peng
valeriep at openjdk.org
Wed Jun 5 18:32:58 UTC 2024
On Wed, 5 Jun 2024 14:21:57 GMT, Martin Balao <mbalao at openjdk.org> wrote:
>> What I like about this suggestion is that it allows unifying the repeated logic: the two blocks inside `if (encrypt)` and the corresponding `else` would become almost identical, allowing an additional abstraction. How about the following?
>>
>>
>>     private void convertCTSVariant(ByteBuffer ciphertextBuf,
>>             byte[] ciphertextArr, int end) {
>>         // [...]
>>         // [...] omitted code
>>         // [...]
>>         if (ciphertextBuf != null) {
>>             pad = pad == 0 ? blockSize : pad;
>>             if (encrypt) {
>>                 // .... pp[pp] ffff -> .... ffff pp[pp]
>>                 swapLastTwoBlocks(ciphertextBuf, end, pad, blockSize);
>>             } else {
>>                 // .... ffff pp[pp] -> .... pp[pp] ffff
>>                 swapLastTwoBlocks(ciphertextBuf, end, blockSize, pad);
>>             }
>>         }
>>     }
>>
>>     private static void swapLastTwoBlocks(ByteBuffer buffer, int end,
>>             int prevBlockLen, int lastBlockLen) {
>>         // .... prevBlock lastBlock -> .... lastBlock prevBlock
>>         int prevBlockStart = end - prevBlockLen - lastBlockLen;
>>         byte[] prevBlockBackup = new byte[prevBlockLen];
>>         buffer.get(prevBlockStart, prevBlockBackup);
>>         buffer.put(prevBlockStart, buffer, end - lastBlockLen, lastBlockLen);
>>         buffer.put(end - prevBlockLen, prevBlockBackup);
>>     }
>
> Looks good to me.
Yes, I prefer this.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18898#discussion_r1628246471
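
Added example, not part of the thread or of the JDK change: a stand-alone check (Java 16+) that the two argument orders passed to swapLastTwoBlocks in the quoted proposal are inverses of each other, including the block-aligned case and the overlapping in-buffer copy. The class name CtsSwapDemo, the convert and roundTrips helpers, and the computation of pad as end % BLOCK_SIZE are assumptions standing in for the omitted code; inputs are constructed and must be longer than one block.

```java
import java.nio.ByteBuffer;
import java.util.Arrays;

public class CtsSwapDemo {
    static final int BLOCK_SIZE = 16; // AES block size

    // Same shape as the helper quoted above: .... prev last -> .... last prev
    static void swapLastTwoBlocks(ByteBuffer buffer, int end,
            int prevBlockLen, int lastBlockLen) {
        int prevBlockStart = end - prevBlockLen - lastBlockLen;
        byte[] prevBlockBackup = new byte[prevBlockLen];
        buffer.get(prevBlockStart, prevBlockBackup);
        // Source and destination ranges can overlap here; the absolute bulk
        // put behaves as if the source bytes were copied out first.
        buffer.put(prevBlockStart, buffer, end - lastBlockLen, lastBlockLen);
        buffer.put(end - prevBlockLen, prevBlockBackup);
    }

    // Hypothetical wrapper choosing the lengths as the quoted if/else does.
    // Assumption: pad is the length of the trailing partial block.
    static void convert(ByteBuffer buf, int end, boolean encrypt) {
        int pad = end % BLOCK_SIZE;
        pad = pad == 0 ? BLOCK_SIZE : pad;
        if (encrypt) {
            swapLastTwoBlocks(buf, end, pad, BLOCK_SIZE);   // pp ffff -> ffff pp
        } else {
            swapLastTwoBlocks(buf, end, BLOCK_SIZE, pad);   // ffff pp -> pp ffff
        }
    }

    // True when the encrypt-side swap changes the layout and the
    // decrypt-side swap restores the original bytes exactly.
    static boolean roundTrips(int len) {
        byte[] data = new byte[len];
        for (int i = 0; i < len; i++) data[i] = (byte) i;  // constructed bytes
        ByteBuffer buf = ByteBuffer.wrap(data.clone());
        convert(buf, len, true);
        byte[] swapped = buf.array().clone();
        convert(buf, len, false);
        return !Arrays.equals(swapped, data) && Arrays.equals(buf.array(), data);
    }

    public static void main(String[] args) {
        for (int len : new int[] {17, 21, 31, 32, 48, 53}) {
            System.out.println(len + " bytes: "
                    + (roundTrips(len) ? "round trip ok" : "MISMATCH"));
        }
    }
}
```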