jdk-sandbox: changeset 51569:46ec360a7014

--- a/src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial.java	Tue Aug 28 14:55:06 2018 +0200
+++ b/src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial.java	Wed Aug 29 12:00:47 2018 -0400
@@ -70,13 +70,28 @@
     protected final int bitsPerLimb;
     private final long[] posModLimbs;
 
-    // must work when a==r
+    /**
+     * Multiply an IntegerPolynomial representation (a) with a long (b) and
+     * store the result in an IntegerPolynomial representation (r). Requires
+     * that a.length == r.length == numLimbs. It is allowed for a and r to be
+     * the same array.
+     */
     protected abstract void multByInt(long[] a, long b, long[] r);
 
-    // must work when a==r
+    /**
+     * Multiply two IntegerPolynomial representations (a and b) and store the
+     * result in an IntegerPolynomial representation (r). Requires that
+     * a.length == b.length == r.length == numLimbs. It is allowed for a and r
+     * to be the same array.
+     */
     protected abstract void mult(long[] a, long[] b, long[] r);
 
-    // must work when a==r
+    /**
+     * Multiply an IntegerPolynomial representation (a) with itself and store
+     * the result in an IntegerPolynomialRepresentation (r). Requires that
+     * a.length == r.length == numLimbs. It is allowed for a and r
+     * to be the same array.
+     */
     protected abstract void square(long[] a, long[] r);
 
     IntegerPolynomial(int bitsPerLimb,
@@ -240,7 +255,9 @@
         carry(limbs, 0, limbs.length - 1);
     }
 
-    // carry out of the specified position and return the carry value
+    /**
+     * Carry out of the specified position and return the carry value.
+     */
     protected long carryOut(long[] limbs, int index) {
         long carry = carryValue(limbs[index]);
         limbs[index] -= (carry << bitsPerLimb);
@@ -261,9 +278,20 @@
         }
     }
 
+    /**
+     * Carry out of the last limb and reduce back in. This method will be
+     * called as part of the "finalReduce" operation that puts the
+     * representation into a fully-reduced form. It is representation-
+     * specific, because representations have different amounts of empty
+     * space in the high-order limb. Requires that limbs.length=numLimbs.
+     */
     protected abstract void finalCarryReduceLast(long[] limbs);
 
-    // Convert reduced limbs into a number between 0 and MODULUS-1
+    /**
+     * Convert reduced limbs into a number between 0 and MODULUS-1.
+     * Requires that limbs.length == numLimbs. This method only works if the
+     * modulus has at most three terms.
+     */
     protected void finalReduce(long[] limbs) {
 
         // This method works by doing several full carry/reduce operations.
@@ -313,8 +341,10 @@
 
     }
 
-    // v must be final reduced. I.e. all limbs in [0, bitsPerLimb)
-    // and value in [0, modulus)
+    /**
+     * Decode the value in v and store it in dst. Requires that v is final
+     * reduced. I.e. all limbs in [0, 2^bitsPerLimb) and value in [0, modulus).
+     */
     protected void decode(long[] v, byte[] dst, int offset, int length) {
 
         int nextLimbIndex = 0;
@@ -344,12 +374,25 @@
         }
     }
 
+    /**
+     * Add two IntegerPolynomial representations (a and b) and store the result
+     * in an IntegerPolynomialRepresentation (dst). Requires that
+     * a.length == b.length == dst.length. It is allowed for a and
+     * dst to be the same array.
+     */
     protected void addLimbs(long[] a, long[] b, long[] dst) {
         for (int i = 0; i < dst.length; i++) {
             dst[i] = a[i] + b[i];
         }
     }
 
+    /**
+     * Branch-free conditional swap of a and b. Requires that swap is 0 or 1,
+     * and that a.length == b.length. If swap==0, then the values of a and b
+     * will be unchanged. If swap==1, then the values of a and b will be
+     * swapped. The behavior is undefined if swap has any value other than
+     * 0 or 1.
+     */
     protected static void conditionalSwap(int swap, long[] a, long[] b) {
         int maskValue = 0 - swap;
         for (int i = 0; i < a.length; i++) {
@@ -359,6 +402,9 @@
         }
     }
 
+    /**
+     * Stores the reduced, little-endian value of limbs in result.
+     */
     protected void limbsToByteArray(long[] limbs, byte[] result) {
 
         long[] reducedLimbs = limbs.clone();
@@ -367,6 +413,11 @@
         decode(reducedLimbs, result, 0, result.length);
     }
 
+    /**
+     * Add the reduced number corresponding to limbs and other, and store
+     * the low-order bytes of the sum in result. Requires that
+     * limbs.length==other.length. The result array may have any length.
+     */
     protected void addLimbsModPowerTwo(long[] limbs, long[] other,
                                        byte[] result) {

--- a/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHKeyAgreement.java	Tue Aug 28 14:55:06 2018 +0200
+++ b/src/jdk.crypto.ec/share/classes/sun/security/ec/XDHKeyAgreement.java	Wed Aug 29 12:00:47 2018 -0400
@@ -186,7 +186,7 @@
             throw new IllegalStateException("Not initialized correctly");
         }
         int secretLen = this.secret.length;
-        if (offset + secretLen > sharedSecret.length) {
+        if (secretLen > sharedSecret.length - offset) {
             throw new ShortBufferException("Need " + secretLen
                 + " bytes, only " + (sharedSecret.length - offset)
                 + " available");

author	apetcher
	Wed, 29 Aug 2018 12:00:47 -0400
changeset 51569	46ec360a7014
parent 51568	0157a3ab61b1
child 51577	64331e014bc7

src/java.base/share/classes/sun/security/util/math/intpoly/IntegerPolynomial.java		file \| annotate \| diff \| comparison \| revisions
src/jdk.crypto.ec/share/classes/sun/security/ec/XDHKeyAgreement.java		file \| annotate \| diff \| comparison \| revisions