RFR: 8326609: New AES implementation with updates specified in FIPS 197 [v7]
Shawn M Emery
duke at openjdk.org
Thu Oct 16 20:22:22 UTC 2025
On Thu, 16 Oct 2025 19:58:40 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Shawn M Emery has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Updates for code review comments from @valeriepeng
>
> src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java line 1040:
>
>> 1038: * @param p [in] the plaintext to be encrypted.
>> 1039: * @param po [in] the plaintext offset in the array of bytes.
>> 1040: * @param c [out] the encrypted ciphertext output.
>
> nit: ciphertext already implied to be encrypted. Maybe no need for the "encrypted" adj.

Agreed. Fixed.

> src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java line 1195:
>
>> 1193: ^ T3[(ti0 >> 16) & 0xFF] & 0xFF0000
>> 1194: ^ T0[(ti1 >> 8) & 0xFF] & 0xFF00
>> 1195: ^ T1[ti2 & 0xFF] & 0xFF ^ K[w+3];
>
> Here you always use the last 4 elements of `K`, so you can just use `w = K.length - 4` and no need to keep tracking it in the earlier 2 blocks.

Agreed. I've changed decryption as well. Fixed.

> src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java line 1220:
>
>> 1218: * @param c [in] the ciphertext to be decrypted.
>> 1219: * @param co [in] the ciphertext offset in the array of bytes.
>> 1220: * @param p [out] the decrypted plaintext output.
>
> nit: same comment for removing "decrypted" adj.

Agreed. Fixed.

-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27807#discussion_r2437361415
PR Review Comment: https://git.openjdk.org/jdk/pull/27807#discussion_r2437361126
PR Review Comment: https://git.openjdk.org/jdk/pull/27807#discussion_r2437362009