Skip to content

8326609: New AES implementation with updates specified in FIPS 197 #27807

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 15 commits into from
Closed

8326609: New AES implementation with updates specified in FIPS 197 #27807

Changes from 1 commit
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
a8f2837
8326609: New AES implementation with updates specified in FIPS 197
smemery Oct 14, 2025
1f742c1
Implement the rest of the class name changes in intrinsics
smemery Oct 14, 2025
af0f9c4
Add vmIntrinsics.hpp updates
smemery Oct 14, 2025
e22da25
Revert AESCrypt to AES_Crypt
smemery Oct 15, 2025
0700371
encryptBlock/decryptBlock methods set to package-private
smemery Oct 15, 2025
3fc25ae
Add remaining files to be staged
smemery Oct 15, 2025
f48160c
Updates for code review comments from @valeriepeng
smemery Oct 15, 2025
fbf2117
Updates for code review comments from @valeriepeng
smemery Oct 16, 2025
9f00c35
Updates for code review comments from @valeriepeng
smemery Oct 16, 2025
a5991a2
Updates for code review comments from @valeriepeng
smemery Oct 16, 2025
2ce35b9
Updates for code review comments from @valeriepeng
smemery Oct 17, 2025
1102c60
Updates for code review comments from @valeriepeng
smemery Oct 17, 2025
e0741b1
Updates for code review comments from @valeriepeng
smemery Oct 17, 2025
5ea6933
Updates for code review comments from @valeriepeng
smemery Oct 19, 2025
fdfd389
Updates for code review comments from @valeriepeng
smemery Oct 21, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 19 additions & 28 deletions src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -884,7 +884,6 @@ static boolean isKeySizeValid(int len) {
*/
void init(boolean decrypting, String algorithm, byte[] key)
throws InvalidKeyException {
int nk;
int decrypt = decrypting ? 1 : 0;

if (!algorithm.equalsIgnoreCase("AES")
Expand All @@ -893,13 +892,10 @@ void init(boolean decrypting, String algorithm, byte[] key)
}
if (key.length == AESConstants.AES_KEYSIZES[0]) {
rounds = AES_128_ROUNDS;
nk = AESConstants.AES_KEYSIZES[0]/WB;
} else if (key.length == AESConstants.AES_KEYSIZES[1]) {
rounds = AES_192_ROUNDS;
nk = AESConstants.AES_KEYSIZES[1]/WB;
} else if (key.length == AESConstants.AES_KEYSIZES[2]) {
rounds = AES_256_ROUNDS;
nk = AESConstants.AES_KEYSIZES[2]/WB;
} else {
throw new InvalidKeyException("Invalid key length (" + key.length
+ ").");
Expand All @@ -911,8 +907,8 @@ void init(boolean decrypting, String algorithm, byte[] key)
Arrays.fill(sessionK[0], 0);
Arrays.fill(sessionK[1], 0);
}
sessionK[0] = genRKeys(key, nk);
sessionK[1] = invGenRKeys();
sessionK[0] = genRoundKeys(key, rounds);
sessionK[1] = invGenRoundKeys();
if (prevKey != null) {
Arrays.fill(prevKey, (byte) 0);
}
Expand All @@ -922,33 +918,28 @@ void init(boolean decrypting, String algorithm, byte[] key)
}

/**
* Generate the cipher round keys.
* Generate the cipher's round keys as outlined in section 5.2 of the spec.
*
* @param key [in] the symmetric key byte array.
* @param nk [in] the number of words in the key.
*
* @return w the cipher round keys.
*/
private int[] genRKeys(byte[] key, int nk) {
int len = WB, tmp, rW, subWord, g;
int[] w = new int[len * (rounds + 1)];

for (int i = 0; i < nk; i++) {
w[i] = ((key[i * len] & 0xFF) << 24)
| ((key[(i * len) + 1] & 0xFF) << 16)
| ((key[(i * len) + 2] & 0xFF) << 8)
| (key[(i * len) + 3] & 0xFF);
private static int[] genRoundKeys(byte[] key, int rounds) {
int wLen = WB * (rounds + 1);
int[] w = new int[wLen];
int nk = key.length / WB;

for (int i = 0, j = 0; i < nk; i++, j += WB) {
w[i] = ((key[j] & 0xFF) << 24) | ((key[j + 1] & 0xFF) << 16)
| ((key[j + 2] & 0xFF) << 8) | (key[j + 3] & 0xFF);
}
for (int i = nk; i < len * (rounds + 1); i++) {
tmp = w[i - 1];
for (int i = nk; i < wLen; i++) {
int tmp = w[i - 1];
if (i % nk == 0) {
rW = (tmp << 8) & 0xFFFFFF00 | (tmp >>> 24);
subWord = subByte(rW, SBOX);
g = subWord ^ RCON[(i / nk) - 1];
tmp = g;
} else if ((nk > 6) && ((i % nk) == len)) {
subWord = subByte(tmp, SBOX);
tmp = subWord;
int rW = (tmp << 8) & 0xFFFFFF00 | (tmp >>> 24);
tmp = subByte(rW, SBOX) ^ RCON[(i / nk) - 1];
} else if ((nk > 6) && ((i % nk) == WB)) {
tmp = subByte(tmp, SBOX);
}
w[i] = w[i - nk] ^ tmp;
}
Expand Down Expand Up @@ -1000,7 +991,7 @@ private static void invMixRKey(int[] state) {
*
* @return w1 the inverse cipher round keys.
*/
private int[] invGenRKeys() {
private int[] invGenRoundKeys() {
int len = WB;
int kLen = sessionK[0].length;;
int[] w = new int[len];
Expand Down Expand Up @@ -1029,7 +1020,7 @@ private int[] invGenRKeys() {
*
* @return the substituted word.
*/
private int subByte(int state, byte[][] sub) {
private static int subByte(int state, byte[][] sub) {
byte b0 = (byte) (state >>> 24);
byte b1 = (byte) ((state >> 16) & 0xFF);
byte b2 = (byte) ((state >> 8) & 0xFF);
Expand Down