RFR: 8371864: GaloisCounterMode.implGCMCrypt0 AVX512/AVX2 intrinsics stubs cause AES-GCM encryption failure for certain payload sizes [v7]
Jiangli Zhou
jiangli at openjdk.org
Fri Nov 21 01:31:39 UTC 2025
> Please review the fix in StubGenerator::aesgcm_avx512 and StubGenerator::aesgcm_avx2 to handle some edge cases with input sizes that are not a multiple of the block size.
>
> Thanks to Thomas Holenstein and Lukas Zobernig for analyzing the issue and providing the test case!
Jiangli Zhou has updated the pull request incrementally with one additional commit since the last revision:
Change to just create a byte array for 'nonce' without generating random data in gcmDecrypt. Suggested by AI.
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/28363/files
- new: https://git.openjdk.org/jdk/pull/28363/files/8617ab4c..d26d0ee9
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=28363&range=06
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=28363&range=05-06
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
Patch: https://git.openjdk.org/jdk/pull/28363.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/28363/head:pull/28363
PR: https://git.openjdk.org/jdk/pull/28363