RFR: 8344144: AES/CBC slow at big payloads [v2]
Volodymyr Paprotski
vpaprotski at openjdk.org
Tue Nov 19 16:42:11 UTC 2024
On Fri, 15 Nov 2024 19:43:18 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> I don't think this constant needs to be dynamic. The reason I mention blocksize, the intrinsic expects multiple of block size (`ArrayUtil.blockSizeCheck(plainLen, blockSize);` assert before-hand), but its otherwise unrelated to the block size. (i.e. "has to be large enough for optimizations").
>>
>> I believe this class can also be used by DES; iirc, blocksize=8. I suppose I could use `AESConstants.AES_BLOCK_SIZE*6400` as `chunkSize`. If that looks good, I will do that change, though I've seen '16' used as a raw number plenty of times in the package, without 'attribution' to AES_BLOCK_SIZE.
>>
>> And to be thorough, I should probably put an `ArrayUtil.blockSizeCheck(chunkSize, blockSize);` into the constructor? That way it is checked, but not on every call.
>
> Yes, my concern is basically `intrinsic expects multiple of block size`. I would simply declare the variable and then assign it in constructor when `blockSize` is known, no need to call `blockSizeCheck`:
>
> private final int chunkSize;
> .........
> CipherBlockChaining(SymmetricCipher embeddedCipher) {
> super(embeddedCipher);
> k = new byte[blockSize];
> r = new byte[blockSize];
> chunkSize = blockSize * 6400;
> }
Done
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22086#discussion_r1848694214
More information about the security-dev
mailing list