From 3187347a26fd93cb5746ca2cfbdfce045116201f Mon Sep 17 00:00:00 2001
From: kuenking111 <wangkun49@huawei.com>
Date: Fri, 16 Sep 2022 14:54:08 +0800
Subject: [PATCH] I5RFYJ: 8200332 Improve GCM counting

---
 8200332-Improve-GCM-counting.patch | 68 ++++++++++++++++++++++++++++++
 openjdk-1.8.0.spec                 |  7 ++-
 2 files changed, 74 insertions(+), 1 deletion(-)
 create mode 100644 8200332-Improve-GCM-counting.patch

diff --git a/8200332-Improve-GCM-counting.patch b/8200332-Improve-GCM-counting.patch
new file mode 100644
index 0000000..5990053
--- /dev/null
+++ b/8200332-Improve-GCM-counting.patch
@@ -0,0 +1,68 @@
+From 30883daeac796c877a765cedee52f27f51444203 Mon Sep 17 00:00:00 2001
+Date: Thu, 8 Sep 2022 10:22:32 +0800
+Subject: 8200332: Improve GCM counting
+
+Bug url: https://bugs.openjdk.org/browse/JDK-8200332
+---
+ .../classes/com/sun/crypto/provider/GCTR.java | 31 ++++++++++++++++++-
+ 1 file changed, 30 insertions(+), 1 deletion(-)
+
+diff --git a/jdk/src/share/classes/com/sun/crypto/provider/GCTR.java b/jdk/src/share/classes/com/sun/crypto/provider/GCTR.java
+index 6a394e448..1ab0f63db 100644
+--- a/jdk/src/share/classes/com/sun/crypto/provider/GCTR.java
++++ b/jdk/src/share/classes/com/sun/crypto/provider/GCTR.java
+@@ -29,6 +29,8 @@
+ 
+ package com.sun.crypto.provider;
+ 
++import java.nio.ByteBuffer;
++import java.nio.ByteOrder;
+ import javax.crypto.IllegalBlockSizeException;
+ import static com.sun.crypto.provider.AESConstants.AES_BLOCK_SIZE;
+ 
+@@ -68,6 +70,15 @@ final class GCTR extends CounterMode {
+         return "GCTR";
+     }
+ 
++    // return the number of blocks until the lower 32 bits roll over
++    private long blocksUntilRollover() {
++        ByteBuffer buf = ByteBuffer.wrap(counter, counter.length - 4, 4);
++        buf.order(ByteOrder.BIG_ENDIAN);
++        long ctr32 = 0xFFFFFFFFL & buf.getInt();
++        long blocksLeft = (1L << 32) - ctr32;
++        return blocksLeft;
++    }
++
+     // input must be multiples of 128-bit blocks when calling update
+     int update(byte[] in, int inOfs, int inLen, byte[] out, int outOfs) {
+         if (inLen - inOfs > in.length) {
+@@ -80,7 +91,25 @@ final class GCTR extends CounterMode {
+             throw new RuntimeException("output buffer too small");
+         }
+ 
+-        return encrypt(in, inOfs, inLen, out, outOfs);
++        long blocksLeft = blocksUntilRollover();
++        int numOfCompleteBlocks = inLen / AES_BLOCK_SIZE;
++        if (numOfCompleteBlocks >= blocksLeft) {
++            // Counter Mode encryption cannot be used because counter will
++            // roll over incorrectly. Use GCM-specific code instead.
++            byte[] encryptedCntr = new byte[AES_BLOCK_SIZE];
++            for (int i = 0; i < numOfCompleteBlocks; i++) {
++                embeddedCipher.encryptBlock(counter, 0, encryptedCntr, 0);
++                for (int n = 0; n < AES_BLOCK_SIZE; n++) {
++                    int index = (i * AES_BLOCK_SIZE + n);
++                    out[outOfs + index] =
++                        (byte) ((in[inOfs + index] ^ encryptedCntr[n]));
++                }
++                GaloisCounterMode.increment32(counter);
++            }
++            return inLen;
++        } else {
++            return encrypt(in, inOfs, inLen, out, outOfs);
++        }
+     }
+ 
+     // input can be arbitrary size when calling doFinal
+-- 
+2.22.0
+
diff --git a/openjdk-1.8.0.spec b/openjdk-1.8.0.spec
index b25b7eb..441b90f 100644
--- a/openjdk-1.8.0.spec
+++ b/openjdk-1.8.0.spec
@@ -916,7 +916,7 @@ Provides: java-%{javaver}-%{origin}-accessibility%{?1} = %{epoch}:%{version}-%{r
 
 Name:    java-%{javaver}-%{origin}
 Version: %{javaver}.%{updatever}.%{buildver}
-Release: 7
+Release: 8
 # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons
 # and this change was brought into RHEL-4. java-1.5.0-ibm packages
 # also included the epoch in their virtual provides. This created a
@@ -1143,6 +1143,7 @@ Patch253: 8143925-enhancing-CounterMode.crypt-for-AESCrypt.patch
 Patch254: kae-usability-enhancement.patch
 Patch255: Dynamic-CDS-Archive.patch
 Patch256: 8202951-Support-default-jsa.patch
+Patch257: 8200332-Improve-GCM-counting.patch
 
 #############################################
 #
@@ -1626,6 +1627,7 @@ pushd %{top_level_dir_name}
 %patch254 -p1
 %patch255 -p1
 %patch256 -p1
+%patch257 -p1
 popd
 
 # System library fixes
@@ -2250,6 +2252,9 @@ cjc.mainProgram(arg)
 %endif
 
 %changelog
+* Fri Sep 16 2022 kuenking111 <wangkun49@huawei.com> - 1:1.8.0.342-b07.8
+- add 8200332-Improve-GCM-counting.patch
+
 * Fri Sep 16 2022 kuenking111 <wangkun49@huawei.com> - 1:1.8.0.342-b07.7
 - add 8202951-Support-default-jsa.patch
 
-- 
Gitee