8130341: GHASH 32bit intrinsics has AEADBadTagException
authorascarpino
Fri, 10 Jul 2015 11:31:49 -0700
changeset 31771 c9f593020799
parent 31636 75c6dcc9351d
child 31772 718fc367468d
8130341: GHASH 32bit intrinsics has AEADBadTagException Reviewed-by: kvn, mcberg
hotspot/src/cpu/x86/vm/stubGenerator_x86_32.cpp
hotspot/test/compiler/codegen/7184394/TestAESBase.java
hotspot/test/compiler/codegen/7184394/TestAESDecode.java
hotspot/test/compiler/codegen/7184394/TestAESEncode.java
--- a/hotspot/src/cpu/x86/vm/stubGenerator_x86_32.cpp	Thu Jul 09 22:46:16 2015 -0700
+++ b/hotspot/src/cpu/x86/vm/stubGenerator_x86_32.cpp	Fri Jul 10 11:31:49 2015 -0700
@@ -2780,6 +2780,7 @@
     const XMMRegister xmm_temp7 = xmm7;
 
     __ enter();
+    handleSOERegisters(true);  // Save registers
 
     __ movptr(state, state_param);
     __ movptr(subkeyH, subkeyH_param);
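Review bot: The `// Save registers` comment on the added handleSOERegisters(true) line says what happens but not why, and since this save/restore pair is the actual fix for the bad-tag failures in the title the reason belongs next to it, e.g. `// Save SOE (save-on-entry) registers the stub uses as scratch; the compiled caller expects them preserved across the call`. Which registers those are cannot be confirmed from the hunk (on x86_32 presumably rsi/rdi/rbx, per handleSOERegisters), so either name them after checking or leave the comment generic. The matching `handleSOERegisters(false)` in the second hunk should carry the mirrored wording, and both calls must remain inside the `enter()`/`leave()` frame as they are now so the pushes sit within the stub's own frame. The stub body between the two hunks is outside SOURCE, so whether any early-exit path there would bypass the restore cannot be judged here.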
@@ -2883,6 +2884,7 @@
     __ pshufb(xmm_temp6, ExternalAddress(StubRoutines::x86::ghash_long_swap_mask_addr()));
     __ movdqu(Address(state, 0), xmm_temp6);   // store the result
 
+    handleSOERegisters(false);  // restore registers
     __ leave();
     __ ret(0);
     return start;
--- a/hotspot/test/compiler/codegen/7184394/TestAESBase.java	Thu Jul 09 22:46:16 2015 -0700
+++ b/hotspot/test/compiler/codegen/7184394/TestAESBase.java	Fri Jul 10 11:31:49 2015 -0700
@@ -61,12 +61,12 @@
   final Random random = Utils.getRandomInstance();
   Cipher cipher;
   Cipher dCipher;
-  AlgorithmParameters algParams;
+  AlgorithmParameters algParams = null;
   SecretKey key;
   GCMParameterSpec gcm_spec;
-  byte[] aad;
+  byte[] aad = { 0x11, 0x22, 0x33, 0x44, 0x55 };
   int tlen = 12;
-  byte[] iv;
+  byte[] iv = new byte[16];
 
   static int numThreads = 0;
   int  threadId;
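Review bot: The new field initializers make the GCM IV an all-zero 16-byte array and the AAD a fixed constant, shared with the CBC path, where the old code drew a random 64-byte IV and random AAD per run; that is a reasonable choice for a reproducible codegen test, but it should be stated so the fixture is not copied as a usage pattern, e.g. `// Test fixture only: fixed IV/AAD keep runs deterministic; GCM must never reuse an IV under one key outside this harness`. The `= null` on `AlgorithmParameters algParams` is redundant (reference fields default to null) and reads as if it carried meaning; dropping it, or commenting that null is the intended parameter set for ECB, would be clearer. The 16-byte IV also differs from the 12-byte length GCM implementations handle without hashing the IV, so a one-line comment saying the length is deliberate would help if that is the intent.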
@@ -80,7 +80,10 @@
 
   public void prepare() {
     try {
-    System.out.println("\nalgorithm=" + algorithm + ", mode=" + mode + ", paddingStr=" + paddingStr + ", msgSize=" + msgSize + ", keySize=" + keySize + ", noReinit=" + noReinit + ", checkOutput=" + checkOutput + ", encInputOffset=" + encInputOffset + ", encOutputOffset=" + encOutputOffset + ", decOutputOffset=" + decOutputOffset + ", lastChunkSize=" +lastChunkSize );
+      System.out.println("\nalgorithm=" + algorithm + ", mode=" + mode + ", paddingStr=" + paddingStr +
+              ", msgSize=" + msgSize + ", keySize=" + keySize + ", noReinit=" + noReinit +
+              ", checkOutput=" + checkOutput + ", encInputOffset=" + encInputOffset + ", encOutputOffset=" +
+              encOutputOffset + ", decOutputOffset=" + decOutputOffset + ", lastChunkSize=" +lastChunkSize );
 
       if (encInputOffset % ALIGN != 0 || encOutputOffset % ALIGN != 0 || decOutputOffset % ALIGN !=0 )
         testingMisalignment = true;
@@ -101,22 +104,24 @@
       cipher = Cipher.getInstance(algorithm + "/" + mode + "/" + paddingStr, "SunJCE");
       dCipher = Cipher.getInstance(algorithm + "/" + mode + "/" + paddingStr, "SunJCE");
 
+      // CBC init
       if (mode.equals("CBC")) {
-        int ivLen = (algorithm.equals("AES") ? 16 : algorithm.equals("DES") ? 8 : 0);
-        IvParameterSpec initVector = new IvParameterSpec(new byte[ivLen]);
+        IvParameterSpec initVector = new IvParameterSpec(iv);
         cipher.init(Cipher.ENCRYPT_MODE, key, initVector);
+        algParams = cipher.getParameters();
+        dCipher.init(Cipher.DECRYPT_MODE, key, initVector);
+
+      // GCM init
       } else if (mode.equals("GCM")) {
-          iv = new byte[64];
-          random.nextBytes(iv);
-          aad = new byte[5];
-          random.nextBytes(aad);
-          gcm_init();
+        gcm_init(true);
+        gcm_init(false);
+
+      // ECB init
       } else {
-        algParams = cipher.getParameters();
         cipher.init(Cipher.ENCRYPT_MODE, key, algParams);
+        dCipher.init(Cipher.DECRYPT_MODE, key, algParams);
       }
-      algParams = cipher.getParameters();
-      dCipher.init(Cipher.DECRYPT_MODE, key, algParams);
+
       if (threadId == 0) {
         childShowCipher();
       }
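Review bot: The `// GCM init` and `// ECB init` comments are placed inside the body of the preceding branch (after the CBC and GCM statements respectively) instead of labelling the branch they describe; move each to directly after its `} else if (mode.equals("GCM")) {` and `} else {` line, or put all three labels on the condition lines themselves. The final `else` is a catch-all, and it initialises both ciphers with `algParams`, which is still null at that point now that the post-init `algParams = cipher.getParameters()` has been removed, so any mode other than CBC/GCM that needs parameters would be initialised without them; if only ECB is ever supplied here, a comment such as `// ECB: no parameters, algParams stays null` makes that explicit. In the CBC branch the `algParams = cipher.getParameters()` capture is only consumed by the later reinit in TestAESDecode/TestAESEncode, which is worth noting inline since the line otherwise looks unused.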
@@ -198,11 +203,18 @@
 
   abstract void childShowCipher();
 
-  void gcm_init() throws Exception {
-    tlen = 12;
+  void gcm_init(boolean encrypt) throws Exception {
     gcm_spec = new GCMParameterSpec(tlen * 8, iv);
-    cipher = Cipher.getInstance(algorithm + "/" + mode + "/" + paddingStr, "SunJCE");
-    cipher.init(Cipher.ENCRYPT_MODE, key, gcm_spec);
-    cipher.update(aad);
+    if (encrypt) {
+      // Get a new instance everytime because of reuse IV restrictions
+      cipher = Cipher.getInstance(algorithm + "/" + mode + "/" + paddingStr, "SunJCE");
+      cipher.init(Cipher.ENCRYPT_MODE, key, gcm_spec);
+      cipher.updateAAD(aad);
+    } else {
+      dCipher.init(Cipher.DECRYPT_MODE, key, gcm_spec);
+      dCipher.updateAAD(aad);
+
+
+    }
   }
 }
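Review bot: The two blank lines before the closing brace of the `else` branch in gcm_init are stray and should be removed. The comment on the encrypt path, `// Get a new instance everytime because of reuse IV restrictions`, has a typo and understates what it documents: SunJCE refuses to re-initialise a GCM cipher for encryption with the same key and IV, and the test deliberately sidesteps that guard by fetching a fresh Cipher each run; suggest `// SunJCE rejects re-init for encryption with the same key/IV, so take a fresh instance per run; acceptable only because this fixture re-encrypts a fixed message`. The decrypt branch reuses `dCipher` and re-calls updateAAD, which is fine, but a short comment that AAD must be re-supplied after every init would explain why the call is repeated.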
--- a/hotspot/test/compiler/codegen/7184394/TestAESDecode.java	Thu Jul 09 22:46:16 2015 -0700
+++ b/hotspot/test/compiler/codegen/7184394/TestAESDecode.java	Fri Jul 10 11:31:49 2015 -0700
@@ -32,7 +32,11 @@
   @Override
   public void run() {
     try {
-      if (!noReinit) dCipher.init(Cipher.DECRYPT_MODE, key, algParams);
+      if (mode.equals("GCM")) {
+        gcm_init(false);
+      } else if (!noReinit) {
+        dCipher.init(Cipher.DECRYPT_MODE, key, algParams);
+      }
       decode = new byte[decodeLength];
       if (testingMisalignment) {
         int tempSize = dCipher.update(encode, encOutputOffset, (decodeMsgSize - lastChunkSize), decode, decOutputOffset);
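Review bot: The `noReinit` flag is now silently ignored for GCM, because the new first branch calls `gcm_init(false)` on every run regardless of it, presumably so the AAD is re-supplied after the previous doFinal reset the cipher; that asymmetry with the other modes should be documented, e.g. `// GCM: doFinal() resets the cipher state, so re-init and re-supply AAD every run regardless of noReinit`. The same pattern appears on the encrypt side in TestAESEncode's hunk with `gcm_init(true)` and deserves the same comment there. The enclosing run() body continues past the end of this hunk.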
--- a/hotspot/test/compiler/codegen/7184394/TestAESEncode.java	Thu Jul 09 22:46:16 2015 -0700
+++ b/hotspot/test/compiler/codegen/7184394/TestAESEncode.java	Fri Jul 10 11:31:49 2015 -0700
@@ -33,7 +33,7 @@
   public void run() {
     try {
       if (mode.equals("GCM")) {
-        gcm_init();
+        gcm_init(true);
       } else if (!noReinit) {
         cipher.init(Cipher.ENCRYPT_MODE, key, algParams);
       }