On Sat, 24 Aug 2024 19:11:09 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> In preparation for the new PQC algorithms implementations, internal XOF
>> (eXtendable Output Function) methods are added to the SHAKE128 and SHAKE256
>> implementations.
>
> src/java.base/share/classes/sun/security/provider/SHA3.java line 72:
>
>> 70: private final byte suffix;
>> 71: private long[] state = new long[DM*DM];
>> 72: private int squeezeOffset = -1;
>
> Add some comment for `squeezeOffset`.
I am adding the comment.
> src/java.base/share/classes/sun/security/provider/SHA3.java line 154:
>
>> 152: System.arraycopy(byteState, 0,
>> 153: out, ofs, numBytes - (numLongs - 1) * 8);
>> 154: }
>
> I still think you can set `numLongs` to be `numBytes/8`. Then there is no
> need to do a single set on line 149. The code will be
>
> int numLongs = numBytes / 8;
>
> for (int i = 0; i < numLongs; i++) {
> asLittleEndian.set(out, ofs, state[i]);
> ofs += 8;
> }
> if (numBytes % 8 != 0) {
> byte[] byteState = new byte[8];
> asLittleEndian.set(byteState, 0, state[numLongs]);
> System.arraycopy(byteState, 0, out, ofs, numBytes % 8);
> }
I am changing it as suggested.
> src/java.base/share/classes/sun/security/provider/SHA3.java line 434:
>
>> 432: /*
>> 433: * The SHAKE128 extendable output function.
>> 434: */
>
> Please add a comment describing what would happen if `update` is called after
> `squeeze`.
I am doing that.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/20631#discussion_r1731320009
PR Review Comment: https://git.openjdk.org/jdk/pull/20631#discussion_r1731318891
PR Review Comment: https://git.openjdk.org/jdk/pull/20631#discussion_r1731319493
