On Mon, 22 Mar 2021 18:48:47 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> This change updates SunJCE provider as below:
>> - updated existing AESWrap support with AES/KW/NoPadding cipher
>> transformation.
>> - added support for AES/KWP/NoPadding and AES/KW/PKCS5Padding.
>>
>> Existing AESWrap impl, i.e. AESWrapCipher class, is re-factored and renamed
>> to KeyWrapCipher class. The W and W_inverse functions are moved to KWUtil
>> class. The KW and KWP support are in the new AESKeyWrap and AESKeyWrapPadded
>> classes which extend FeedbackCipher and used in KeyWrapCipher class. To
>> minimize data copying, AESKeyWrap and AESKeyWrapPadded will do the crypto
>> operation over the same input buffer which is allocated and managed by
>> KeyWrapCipher class.
>>
>> Also note that existing AESWrap impl does not take IV. However, the
>> corresponding PKCS#11 mechanisms do, so I added support for accepting IVs to
>> both KW and KWP.
>>
>> Thanks,
>> Valerie
>
> Ping, anyone has time to review this?
>
> _Mailing list message from [Michael StJohns](mailto:mstjo...@comcast.net) on
> [security-dev](mailto:security-dev@openjdk.java.net):_
>
> On 3/23/2021 4:15 PM, Greg Rubin wrote:
>
> > > 177: System.out.println("Testing " + ALGO);
> > > 178: c = Cipher.getInstance(ALGO, "SunJCE");
> > > 179: for (int i = 0; i < MAX_KWP_PAD_LEN; i++) {
> > > I see that here (and earlier) we do test all padding lengths. I'd still
> > > like some KATs generated by a known good implementation to ensure that we
> > > are not just compatible with ourselves.
>
> http://csrc.nist.gov/groups/STM/cavp/documents/mac/kwtestvectors.zip has
> the NIST test vectors. See
> https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/KWVS.pdf
> for details.
>
> Mike

Sure, I will add some, thanks Mike for the pointers.
-------------

PR: https://git.openjdk.java.net/jdk/pull/2404
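The kind of known-answer test asked for in the thread, as an added example that is not part of the original messages or of the PR's own test code: it checks the `AES/KW/NoPadding` and `AES/KWP/NoPadding` transformations against the published example vectors in RFC 3394 section 4.1 and RFC 5649 section 6, then confirms that a modified ciphertext is rejected on unwrap. The class name `KeyWrapKat` is hypothetical, and the code assumes a JDK that contains this change and `java.util.HexFormat`.

```java
import java.security.GeneralSecurityException;
import java.security.Key;
import java.util.Arrays;
import java.util.HexFormat;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class KeyWrapKat {   // hypothetical class name, not from the PR
    // {transformation, KEK, key data, expected wrapped output}
    // Vectors: RFC 3394 section 4.1 (KW) and RFC 5649 section 6 (KWP).
    static final String[][] VECTORS = {
        {"AES/KW/NoPadding", "000102030405060708090A0B0C0D0E0F",
         "00112233445566778899AABBCCDDEEFF",
         "1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5"},
        {"AES/KWP/NoPadding", "5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8",
         "c37b7e6492584340bed12207808941155068f738",
         "138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a"},
        {"AES/KWP/NoPadding", "5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8",
         "466f7250617369", "afbeb0f07dfbf5419200f2ccb50bb24f"},
    };

    static boolean check(String algo, byte[] kek, byte[] data, byte[] expected)
            throws GeneralSecurityException {
        Key kekKey = new SecretKeySpec(kek, "AES");
        Cipher c = Cipher.getInstance(algo, "SunJCE");
        // 1. Wrapping must reproduce the independently published ciphertext.
        c.init(Cipher.WRAP_MODE, kekKey);
        byte[] wrapped = c.wrap(new SecretKeySpec(data, "Generic"));
        if (!Arrays.equals(wrapped, expected)) return false;
        // 2. Unwrapping must return the original key bytes.
        c.init(Cipher.UNWRAP_MODE, kekKey);
        Key out = c.unwrap(wrapped, "Generic", Cipher.SECRET_KEY);
        if (!Arrays.equals(out.getEncoded(), data)) return false;
        // 3. A single flipped bit must fail the integrity check.
        wrapped[0] ^= 0x01;
        c.init(Cipher.UNWRAP_MODE, kekKey);
        try {
            c.unwrap(wrapped, "Generic", Cipher.SECRET_KEY);
            return false;                  // tampered input was accepted
        } catch (GeneralSecurityException e) {
            return true;                   // rejected, as required
        }
    }

    public static void main(String[] args) throws Exception {
        HexFormat hex = HexFormat.of();
        for (String[] v : VECTORS) {
            boolean ok = check(v[0], hex.parseHex(v[1]), hex.parseHex(v[2]), hex.parseHex(v[3]));
            System.out.println((ok ? "PASS " : "FAIL ") + v[0] + " keylen=" + v[2].length() / 2);
        }
    }
}
```

The 20-byte and 7-byte KWP inputs exercise two different pad lengths; the NIST CAVP files linked in the thread cover many more lengths and the negative (must-fail) cases.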