RFR: 8326609: New AES implementation with updates specified in FIPS 197 [v4]
Shawn M Emery
duke at openjdk.org
Wed Oct 15 23:04:11 UTC 2025
On Wed, 15 Oct 2025 17:55:58 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Shawn M Emery has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Add remaining files to be staged
>
> src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java line 43:
>
>> 41: * https://www.internationaljournalcorner.com/index.php/ijird_ojs/article/view/134688
>> 42: */
>> 43: public final class AES_Crypt extends SymmetricCipher {
>
> This internal class does not need to be public? I'd assume it's only used within the same package?
You're right, it doesn't appear to be used externally. Fixed.
> src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java line 920:
>
>> 918: if (prevKey != null) {
>> 919: Arrays.fill(prevKey, (byte) 0);
>> 920: }
>
> Can be moved down to be right before `prevKey = key.clone()` call? This way, `sessionK` assignments are together and not separated by this call
It can be and I agree. Fixed.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27807#discussion_r2434164829
PR Review Comment: https://git.openjdk.org/jdk/pull/27807#discussion_r2434165068
More information about the security-dev
mailing list