On Tue, 16 May 2023 09:18:57 GMT, Aleksey Shipilev wrote:
>> One of our services has a hot path with AES/GCM cipher reuse. The JDK code
>> reinitializes the session key on that path, and
>> [JDK-8308105](https://bugs.openjdk.org/browse/JDK-8308105) shows up
>> prominently there.
>>
>> Fixing
On Thu, 18 May 2023 07:18:04 GMT, Aleksey Shipilev wrote:
> > jdk_security or tier2.
>
> Gotcha, I already tested both, see "Additional Testing" section in PR.
Thanks!
-
PR Comment: https://git.openjdk.org/jdk/pull/13996#issuecomment-1553126729
On Thu, 18 May 2023 07:16:31 GMT, Xue-Lei Andrew Fan wrote:
> jdk_security or tier2.
Gotcha, I already tested both, see "Additional Testing" section in PR.
-
PR Comment: https://git.openjdk.org/jdk/pull/13996#issuecomment-1552619095
On Thu, 18 May 2023 06:44:10 GMT, Aleksey Shipilev wrote:
> > Looks good to me. Please make sure the security regression testing passed.
>
> Thanks! By "security regression testing" that you mean `jdk_security`, or
> something else?
jdk_security or tier2.
-
PR Comment:
On Wed, 17 May 2023 20:09:50 GMT, Xue-Lei Andrew Fan wrote:
> Looks good to me. Please make sure the security regression testing passed.
Thanks! By "security regression testing" that you mean `jdk_security`, or
something else?
-
PR Comment:
On Tue, 16 May 2023 09:18:57 GMT, Aleksey Shipilev wrote:
>> One of our services has a hot path with AES/GCM cipher reuse. The JDK code
>> reinitializes the session key on that path, and
>> [JDK-8308105](https://bugs.openjdk.org/browse/JDK-8308105) shows up
>> prominently there.
>>
>> Fixing
On Tue, 16 May 2023 09:18:57 GMT, Aleksey Shipilev wrote:
>> One of our services has a hot path with AES/GCM cipher reuse. The JDK code
>> reinitializes the session key on that path, and
>> [JDK-8308105](https://bugs.openjdk.org/browse/JDK-8308105) shows up
>> prominently there.
>>
>> Fixing
On Wed, 17 May 2023 12:57:15 GMT, Aleksey Shipilev wrote:
> @XueleiFan, or anyone else, please take a look?
I will have a look, but I may need more time.
-
PR Comment: https://git.openjdk.org/jdk/pull/13996#issuecomment-1551895053
On Tue, 16 May 2023 09:18:57 GMT, Aleksey Shipilev wrote:
>> One of our services has a hot path with AES/GCM cipher reuse. The JDK code
>> reinitializes the session key on that path, and
>> [JDK-8308105](https://bugs.openjdk.org/browse/JDK-8308105) shows up
>> prominently there.
>>
>> Fixing
On Tue, 16 May 2023 09:28:11 GMT, Aleksey Shipilev wrote:
>> True, let me try that!
>
> New commit implements this, with even more performance benefits.
Excellent, thanks!
-
PR Review Comment: https://git.openjdk.org/jdk/pull/13996#discussion_r1195043072
On Tue, 16 May 2023 06:28:17 GMT, Aleksey Shipilev wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/AESCrypt.java line 1372:
>>
>>> 1370:
>>> 1371: // It is significantly faster to allocate individual arrays,
>>> 1372: // instead of doing the multi-array
On Tue, 16 May 2023 08:29:52 GMT, Aleksey Shipilev wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/AESCrypt.java line 1369:
>>
>>> 1367: int BC = 4;
>>> 1368: int[][] Ke = new int[ROUNDS + 1][]; // encryption round keys
>>> 1369: int[][] Kd = new int[ROUNDS
> One of our services has a hot path with AES/GCM cipher reuse. The JDK code
> reinitializes the session key on that path, and
> [JDK-8308105](https://bugs.openjdk.org/browse/JDK-8308105) shows up
> prominently there. While
> [JDK-8308105](https://bugs.openjdk.org/browse/JDK-8308105) is being
13 matches
Mail list logo
