From 490ff9d635bf8e5f4f7da86a6ffc430fbbe3b90e Mon Sep 17 00:00:00 2001 From: Shawn M Emery Date: Thu, 6 Nov 2025 23:03:26 -0700 Subject: [PATCH 1/6] 8371450: AES performance improvements for key schedule generation --- .../com/sun/crypto/provider/AES_Crypt.java | 31 +++++++++---------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java index 6e3e6144affc9..37d732f78fdaf 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java 
@@ -974,27 +974,25 @@ private static int[] genRoundKeys(byte[] key, int rounds) { */ private static int[] genInvRoundKeys(int[] w, int rounds) { int kLen = w.length;; - int[] temp = new int[WB]; int[] dw = new int[kLen]; // Intrinsics requires the inverse key expansion to be reverse order // except for the first and last round key as the first two round keys // are without a mix column transform. for (int i = 1; i < rounds; i++) { - System.arraycopy(w, i * WB, temp, 0, WB); - temp[0] = TMI0[temp[0] >>> 24] ^ TMI1[(temp[0] >> 16) & 0xFF] - ^ TMI2[(temp[0] >> 8) & 0xFF] ^ TMI3[temp[0] & 0xFF]; - temp[1] = TMI0[temp[1] >>> 24] ^ TMI1[(temp[1] >> 16) & 0xFF] - ^ TMI2[(temp[1] >> 8) & 0xFF] ^ TMI3[temp[1] & 0xFF]; - temp[2] = TMI0[temp[2] >>> 24] ^ TMI1[(temp[2] >> 16) & 0xFF] - ^ TMI2[(temp[2] >> 8) & 0xFF] ^ TMI3[temp[2] & 0xFF]; - temp[3] = TMI0[temp[3] >>> 24] ^ TMI1[(temp[3] >> 16) & 0xFF] - ^ TMI2[(temp[3] >> 8) & 0xFF] ^ TMI3[temp[3] & 0xFF]; - System.arraycopy(temp, 0, dw, kLen - (i * WB), WB); + int widx = i * WB; + int idx = kLen - widx; + dw[idx] = TMI0[w[widx] >>> 24] ^ TMI1[(w[widx] >> 16) & 0xFF] + ^ TMI2[(w[widx] >> 8) & 0xFF] ^ TMI3[w[widx] & 0xFF]; + dw[idx+1] = TMI0[w[widx+1] >>> 24] ^ TMI1[(w[widx+1] >> 16) & 0xFF] + ^ TMI2[(w[widx+1] >> 8) & 0xFF] ^ TMI3[w[widx+1] & 0xFF]; + dw[idx+2] = TMI0[w[widx+2] >>> 24] ^ TMI1[(w[widx+2] >> 16) & 0xFF] + ^ TMI2[(w[widx+2] >> 8) & 0xFF] ^ TMI3[w[widx+2] & 0xFF]; + dw[idx+3] = TMI0[w[widx+3] >>> 24] ^ TMI1[(w[widx+3] >> 16) & 0xFF] + ^ TMI2[(w[widx+3] >> 8) & 0xFF] ^ TMI3[w[widx+3] & 0xFF]; } System.arraycopy(w, kLen - WB, dw, WB, WB); System.arraycopy(w, 0, dw, 0, WB); - Arrays.fill(temp, 0); return dw; } 
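Review bot: In genInvRoundKeys the rewritten loop reads `w[widx]`..`w[widx + 3]` and writes `dw[idx]`..`dw[idx + 3]` directly, but nothing in the method ties `rounds` to `w.length`. Assuming `w` is the schedule genRoundKeys builds with length `WB * (rounds + 1)`, a `rounds` value smaller than the one the schedule was built for would leave some words of `dw` at their zero default. The method would then return a partly empty inverse schedule without any error, while a much larger value would index outside the arrays. No caller is visible in this hunk, so the invariant may be guaranteed elsewhere, but a guard at the top of this private method is cheap: `assert w.length == WB * (rounds + 1);`. Dropping `Arrays.fill(temp, 0)` is consistent with the change, since no intermediate copy of round-key words is created any more.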
@@ -1008,15 +1006,14 @@ private static int[] genInvRoundKeys(int[] w, int rounds) { * @return the substituted word. */ private static int subWord(int word) { - byte b0 = (byte) (word >>> 24); - byte b1 = (byte) ((word >> 16) & 0xFF); - byte b2 = (byte) ((word >> 8) & 0xFF); - byte b3 = (byte) (word & 0xFF); + byte b0 = (byte) (word >> 24); + byte b1 = (byte) (word >> 16); + byte b2 = (byte) (word >> 8); return ((SBOX[(b0 & 0xF0) >> 4][b0 & 0x0F] & 0xFF) << 24) | ((SBOX[(b1 & 0xF0) >> 4][b1 & 0x0F] & 0xFF) << 16) | ((SBOX[(b2 & 0xF0) >> 4][b2 & 0x0F] & 0xFF) << 8) - | (SBOX[(b3 & 0xF0) >> 4][b3 & 0x0F] & 0xFF); + | (SBOX[(word & 0xF0) >> 4][word & 0x0F] & 0xFF); } /** From c462a58e84e8c7dcc9d0c001a625f2b2674fdacf Mon Sep 17 00:00:00 2001 From: Shawn M Emery Date: Fri, 7 Nov 2025 01:03:47 -0700 Subject: [PATCH 2/6] Fix tabs to whitespaces --- .../share/classes/com/sun/crypto/provider/AES_Crypt.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java index 37d732f78fdaf..ad198020e85e1 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java @@ -980,8 +980,9 @@ private static int[] genInvRoundKeys(int[] w, int rounds) { // except for the first and last round key as the first two round keys // are without a mix column transform. for (int i = 1; i < rounds; i++) { - int widx = i * WB; - int idx = kLen - widx; + int widx = i * WB; + int idx = kLen - widx; + dw[idx] = TMI0[w[widx] >>> 24] ^ TMI1[(w[widx] >> 16) & 0xFF] ^ TMI2[(w[widx] >> 8) & 0xFF] ^ TMI3[w[widx] & 0xFF]; dw[idx+1] = TMI0[w[widx+1] >>> 24] ^ TMI1[(w[widx+1] >> 16) & 0xFF] From 0e9d14f935d02accf2f05077fe97492e1283b1ed Mon Sep 17 00:00:00 2001 
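Review bot: In the subWord hunk (`@@ -1008,15 +1006,14 @@`) the low byte is now looked up straight from `word` while the other three still go through `b0`..`b2`, and the code relies on two facts it does not state. The `(byte)` cast keeps only the low eight bits, which is why `>>` can replace `>>>` and the `& 0xFF` can go. The `& 0xF0` and `& 0x0F` masks are what discard the sign-extended bits when a negative byte is promoted back to int. A short comment above the locals would keep a later cleanup from removing a mask and indexing SBOX with a negative value, for example `// (byte) truncates to 8 bits; the nibble masks below strip sign extension`.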
From: Shawn M Emery Date: Fri, 7 Nov 2025 17:39:44 -0700 Subject: [PATCH 3/6] Updates for code review comments from @jnimeh --- .../com/sun/crypto/provider/AES_Crypt.java | 34 ++++++++++++------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java index ad198020e85e1..96373b0388df0 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java @@ -941,6 +941,7 @@ void init(boolean decrypting, String algorithm, byte[] key) * Generate the cipher's round keys as outlined in section 5.2 of the spec. * * @param key [in] the symmetric key byte array. + * @param round [in] the number rounds for generating the round keys. * * @return w the cipher round keys. */ 
@@ -970,29 +971,37 @@ private static int[] genRoundKeys(byte[] key, int rounds) { /** * Generate the inverse cipher round keys. * - * @return w1 the inverse cipher round keys. + * @param w [in] the targeted word for substituion. + * @param round [in] the number rounds for generating the round keys. + * + * @return dw the inverse cipher round keys. */ private static int[] genInvRoundKeys(int[] w, int rounds) { - int kLen = w.length;; - int[] dw = new int[kLen]; + int[] dw = new int[w.length]; // Intrinsics requires the inverse key expansion to be reverse order // except for the first and last round key as the first two round keys // are without a mix column transform. for (int i = 1; i < rounds; i++) { int widx = i * WB; - int idx = kLen - widx; + int idx = w.length - widx; dw[idx] = TMI0[w[widx] >>> 24] ^ TMI1[(w[widx] >> 16) & 0xFF] ^ TMI2[(w[widx] >> 8) & 0xFF] ^ TMI3[w[widx] & 0xFF]; - dw[idx+1] = TMI0[w[widx+1] >>> 24] ^ TMI1[(w[widx+1] >> 16) & 0xFF] - ^ TMI2[(w[widx+1] >> 8) & 0xFF] ^ TMI3[w[widx+1] & 0xFF]; - dw[idx+2] = TMI0[w[widx+2] >>> 24] ^ TMI1[(w[widx+2] >> 16) & 0xFF] - ^ TMI2[(w[widx+2] >> 8) & 0xFF] ^ TMI3[w[widx+2] & 0xFF]; - dw[idx+3] = TMI0[w[widx+3] >>> 24] ^ TMI1[(w[widx+3] >> 16) & 0xFF] - ^ TMI2[(w[widx+3] >> 8) & 0xFF] ^ TMI3[w[widx+3] & 0xFF]; + dw[idx + 1] = TMI0[w[widx + 1] >>> 24] + ^ TMI1[(w[widx + 1] >> 16) & 0xFF] + ^ TMI2[(w[widx + 1] >> 8) & 0xFF] + ^ TMI3[w[widx + 1] & 0xFF]; + dw[idx + 2] = TMI0[w[widx + 2] >>> 24] + ^ TMI1[(w[widx + 2] >> 16) & 0xFF] + ^ TMI2[(w[widx + 2] >> 8) & 0xFF] + ^ TMI3[w[widx + 2] & 0xFF]; + dw[idx + 3] = TMI0[w[widx + 3] >>> 24] + ^ TMI1[(w[widx + 3] >> 16) & 0xFF] + ^ TMI2[(w[widx + 3] >> 8) & 0xFF] + ^ TMI3[w[widx + 3] & 0xFF]; } - System.arraycopy(w, kLen - WB, dw, WB, WB); + System.arraycopy(w, w.length - WB, dw, WB, WB); System.arraycopy(w, 0, dw, 0, WB); return dw; 
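Review bot: The new `@param w` line in the genInvRoundKeys Javadoc describes the wrong thing. It repeats the text of subWord's parameter, while the code in this hunk treats `w` as the whole array of cipher round keys (`new int[w.length]`, `w[widx]`, `System.arraycopy(w, 0, dw, 0, WB)`). Suggested wording: `@param w [in] the cipher round keys to be inverted.` The later [PATCH 5/6] hunk at `-971,8` corrects only the spelling of this line, so the description is still inaccurate at the end of the series.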
@@ -1001,8 +1010,7 @@ private static int[] genInvRoundKeys(int[] w, int rounds) { /** * Subtitute the word as a step of key expansion. * - * @param state [in] the targeted word for substituion. - * @param sub [in] the substitute table for cipher and inverse cipher. + * @param word [in] the targeted word for substituion. * * @return the substituted word. */ From 55e052f69ec787cfceee18923bdb1d31641a129e Mon Sep 17 00:00:00 2001 From: Shawn M Emery Date: Sat, 8 Nov 2025 21:25:52 -0700 Subject: [PATCH 4/6] Clean up comments - take two --- .../share/classes/com/sun/crypto/provider/AES_Crypt.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java index 96373b0388df0..04e87221183c7 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java @@ -941,9 +941,9 @@ void init(boolean decrypting, String algorithm, byte[] key) * Generate the cipher's round keys as outlined in section 5.2 of the spec. * * @param key [in] the symmetric key byte array. - * @param round [in] the number rounds for generating the round keys. + * @param rounds [in] the number rounds for generating the round keys. * - * @return w the cipher round keys. + * @return the cipher round keys. */ private static int[] genRoundKeys(byte[] key, int rounds) { int wLen = WB * (rounds + 1); 
@@ -972,9 +972,9 @@ private static int[] genRoundKeys(byte[] key, int rounds) { * Generate the inverse cipher round keys. * * @param w [in] the targeted word for substituion. - * @param round [in] the number rounds for generating the round keys. + * @param rounds [in] the number rounds for generating the round keys. * - * @return dw the inverse cipher round keys. + * @return the inverse cipher round keys. */ private static int[] genInvRoundKeys(int[] w, int rounds) { int[] dw = new int[w.length]; From fc2d16625056fa781e64e94b7ce7078e06b1254d Mon Sep 17 00:00:00 2001 From: Shawn M Emery Date: Mon, 10 Nov 2025 16:27:12 -0700 Subject: [PATCH 5/6] Update for code review comments from @valeriepeng --- .../share/classes/com/sun/crypto/provider/AES_Crypt.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java index 04e87221183c7..23a8f23b409d4 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java @@ -971,8 +971,8 @@ private static int[] genRoundKeys(byte[] key, int rounds) { /** * Generate the inverse cipher round keys. * - * @param w [in] the targeted word for substituion. - * @param rounds [in] the number rounds for generating the round keys. + * @param w [in] the targeted word for substitution. + * @param rounds [in] the number of rounds for generating the round keys. * * @return the inverse cipher round keys. */ @@ -1008,9 +1008,9 @@ private static int[] genInvRoundKeys(int[] w, int rounds) { } /** - * Subtitute the word as a step of key expansion. + * Substitute the word as a step of key expansion. * - * @param word [in] the targeted word for substituion. + * @param word [in] the targeted word for substitution. * * @return the substituted word. */ 
From 2718a1256f0f8685b67251c39b2064b214b4712f Mon Sep 17 00:00:00 2001 From: Shawn M Emery Date: Mon, 10 Nov 2025 22:34:26 -0700 Subject: [PATCH 6/6] Comment updates - take three --- .../share/classes/com/sun/crypto/provider/AES_Crypt.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java index 23a8f23b409d4..19dceae01af97 100644 --- a/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java +++ b/src/java.base/share/classes/com/sun/crypto/provider/AES_Crypt.java @@ -941,7 +941,7 @@ void init(boolean decrypting, String algorithm, byte[] key) * Generate the cipher's round keys as outlined in section 5.2 of the spec. * * @param key [in] the symmetric key byte array. - * @param rounds [in] the number rounds for generating the round keys. + * @param rounds [in] the number of rounds for generating the round keys. * * @return the cipher round keys. */