RFR: 8326609: New AES implementation with updates specified in FIPS 197 [v5]
Shawn M Emery
duke at openjdk.org
Thu Oct 16 05:14:44 UTC 2025
On Thu, 16 Oct 2025 04:49:11 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Shawn M Emery has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Updates for code review comments from @valeriepeng
>
> src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java line 1032:
>
>> 1030: * @return the substituted word.
>> 1031: */
>> 1032: private int subByte(int state, byte[][] sub) {
>
> Given the input and output are both `int` type, i.e. word, maybe it's better named as `subWord`? This also matches the pseudocode routine name used in the spec.
> This method also can be made static. It seems that `sub` is always the static `SBOX`, maybe we don't have to use an argument to pass it?
> nit: the variable name `state` is a bit misleading as we are only using part of it. A state consists of 4 words and the input here is only 1 word.
Good, it was a byte operation, but evolved to a word.
Last commit made it static.
Yes, before I switched over to a LUT for the inverse mix column transform of the inverse key expansion it needed both, but doesn't anymore.
I'll switch from state to word then.
Fixed.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27807#discussion_r2434594049
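For readers following the review, an added illustration (not the PR's code and not taken from AES_Crypt.java) of the SubWord routine in the shape the review asks for: a static, word-typed function bound to a single S-box rather than taking the table as an argument. The S-box is derived from the FIPS 197 definition (multiplicative inverse in GF(2^8) followed by the affine map) so nothing is hard-coded; the function names (`sub_word`, `inv_sub_word`, `expand_word`) are this example's own, and the last function reproduces one key-expansion step from the FIPS 197 Appendix A.1 example key.

```python
# Added example (not from the PR): SubWord/InvSubWord over one 32-bit word, SBOX derived per FIPS 197.
def _xtime(b):
    """Multiply by x in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    b <<= 1
    return b ^ 0x11B if b & 0x100 else b

def gf_mul(a, b):
    """Field multiplication (FIPS 197 section 4.2) by shift-and-add."""
    p = 0
    while b:
        if b & 1:
            p ^= a
        a, b = _xtime(a), b >> 1
    return p

def _affine(b):
    """Affine map of FIPS 197 section 5.1.1: b ^ rotl(b,1) ^ ... ^ rotl(b,4) ^ 0x63."""
    rotl = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    return b ^ rotl(b, 1) ^ rotl(b, 2) ^ rotl(b, 3) ^ rotl(b, 4) ^ 0x63

def build_sbox():
    """Derive SBOX and INV_SBOX; inv(0) is defined as 0, so SBOX[0] == 0x63."""
    sbox = bytearray(256)
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        sbox[x] = _affine(inv)
    inv_sbox = bytearray(256)
    for x, s in enumerate(sbox):
        inv_sbox[s] = x
    return bytes(sbox), bytes(inv_sbox)

SBOX, INV_SBOX = build_sbox()   # the single, fixed tables every caller uses
def _map_bytes(word, table):
    """Apply a byte table to each of the 4 bytes; positions never overlap, so sum == OR."""
    return sum(table[(word >> s) & 0xFF] << s for s in (24, 16, 8, 0))
def sub_word(word):
    """SubWord (FIPS 197 section 5.2): SBOX applied to each byte of one word."""
    return _map_bytes(word, SBOX)

def inv_sub_word(word):
    """Inverse of sub_word, using INV_SBOX."""
    return _map_bytes(word, INV_SBOX)

def rot_word(word):
    """RotWord: cyclic left shift of the word by one byte."""
    return ((word << 8) | (word >> 24)) & 0xFFFFFFFF

def expand_word(w_prev, w_i_minus_nk, rcon):
    """w[i] for i % Nk == 0: RotWord, SubWord, XOR Rcon (in the top byte), XOR w[i-Nk]."""
    return sub_word(rot_word(w_prev)) ^ (rcon << 24) ^ w_i_minus_nk
```

The S-box values can be checked against the FIPS 197 tables (for example `{53}` maps to `{ed}`), and `expand_word(0x09CF4F3C, 0x2B7E1516, 0x01)` yields `0xA0FAFE17`, the w[4] of the Appendix A.1 key schedule.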