RFR: 8371820: Further AES performance improvements for key schedule generation [v2]
Martin Doerr
mdoerr at openjdk.org
Fri Nov 14 12:13:27 UTC 2025
On Fri, 14 Nov 2025 07:41:05 GMT, Shawn M Emery <duke at openjdk.org> wrote:
>> Martin Doerr has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Improve comment and minor cleanup.
>
> src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java line 59:
>
>> 57: // Following attribute is specific to Intrinsics where the unprocessed
>> 58: // key is used for PPC64, S390, and RISCV64 architectures, whereas K is
>> 59: // used for everything else.
>
> I would change this to:
> // Following attributes (sessionKe and K) are specific to Intrinsics, where sessionKe
> // is the unprocessed key that is used for PPC64, S390, and RISCV64 architectures,
> // whereas K is used for everything else.
Updated. I have also cleaned up the hotspot part a bit.
> src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java line 61:
>
>> 59: // used for everything else.
>> 60: private int[] sessionKe = null; // key for encryption
>> 61: private int[] sessionKd = null; // preprocessed key for decryption
>
> We really don't need sessionKd, since it's just assigned to K, but I'm fine leaving it as is.
Currently, `sessionKd` is needed if we switch between encryption and decryption while using the same key. We could easier remove `K` and pass the information to `LibraryCallKit::get_key_start_from_aescrypt_object` if we are doing encryption or decryption. I can change that if you want, but I'm not sure if it's worth the effort.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/28299#discussion_r2527275801
PR Review Comment: https://git.openjdk.org/jdk/pull/28299#discussion_r2527271643
More information about the security-dev
mailing list