RFR: 8374755: ML-KEM's 12-bit decompression uses incorrect assertions [v2]
Ferenc Rakoczi
duke at openjdk.org
Wed Jan 14 13:06:15 UTC 2026
> The preconditions for the aarch64 and the AVX-512 intrinsic implementations of the implKyber12To16() method of com.sun.crypto.provider.ML_KEM are different, and the AVX-512 one has stricter preconditions on the input, which were not recorded in the assert() before calling the function (although they were satisfied by all calling code). Now the assert() is corrected, and with these preconditions, the aarch64 implementation is simplified.
Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
Fix off-by-one error discovered by Shawn
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/29141/files
- new: https://git.openjdk.org/jdk/pull/29141/files/f2437a69..2fca58bd
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=29141&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=29141&range=00-01
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
Patch: https://git.openjdk.org/jdk/pull/29141.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/29141/head:pull/29141
PR: https://git.openjdk.org/jdk/pull/29141