RFR: JDK-8338587 - Internal XOF Methods for SHAKE128 and SHAKE256 [v5]
Valerie Peng
valeriep at openjdk.org
Fri Sep 6 01:13:55 UTC 2024
On Wed, 28 Aug 2024 16:42:38 GMT, Ferenc Rakoczi <duke at openjdk.org> wrote:
>> In preparation for the new PQC algorithms implementations, internal XOF (eXtendable Output Function) methods are added to the SHAKE128 and SHAKE256 implementations.
>
> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
>
> Fixing typos and simplifying the squeeze() method as suggested by Weijun
src/java.base/share/classes/sun/security/provider/SHA3.java line 70:
> 68: };
> 69:
> 70: // the starting 3 or 5 bits of the domain separator and 10*1 padding
I find the current comment a bit confusing and kind of hard to map to the spec. The spec states a 2- or 4-bit suffix (01 for SHA-3 hash functions and 1111 for XOF functions). Maybe something like the following:
"The starting byte combining the 2 or 4-bit domain separator and 10*1 padding, see Table 6 in B.2 of FIPS PUB 202 for examples".
There is also a comment above `setPaddingBytes()` about the suffix; now that we have added support for SHA-3 XOF, add the suffix "1111" there as well?
src/java.base/share/classes/sun/security/provider/SHA3.java line 77:
> 75: private long[] state = new long[DM*DM];
> 76:
> 77: // The byte offset in the state where the next sqeeze() will start.
typo: sqeeze -> squeeze
src/java.base/share/classes/sun/security/provider/SHA3.java line 169:
> 167: }
> 168:
> 169: void implSqueeze(byte[]output, int offset, int numBytes) {
nit: add a space after `byte[]`.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20631#discussion_r1735112019
PR Review Comment: https://git.openjdk.org/jdk/pull/20631#discussion_r1735113213
PR Review Comment: https://git.openjdk.org/jdk/pull/20631#discussion_r1744637008