-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P4
-
Affects Version/s: 24, 25, 26, 27
-
Component/s: security-libs
-
b08
-
generic
-
generic
Currently in ML-KEM's 12-bit decompression method (twelve2sixteen()) the assertion is incorrect for the AVX implementation:
assert ((remainder == 0) || (remainder == 48)) &&
(index + i * 96 <= condensed.length);
implKyber12To16(condensed, index, parsed, parsedLength);
From [~frakoczi]: "All of the calls are processing 192 or 384 bytes (and producing 128 or 256 shorts)."
The assert() was made for the aarch64 implementation. The AVX one needs stricter preconditions (which all calling code provides). With these stricter preconditions, the aarch64 implementation can be simplified.
assert ((remainder == 0) || (remainder == 48)) &&
(index + i * 96 <= condensed.length);
implKyber12To16(condensed, index, parsed, parsedLength);
From [~frakoczi]: "All of the calls are processing 192 or 384 bytes (and producing 128 or 256 shorts)."
The assert() was made for the aarch64 implementation. The AVX one needs stricter preconditions (which all calling code provides). With these stricter preconditions, the aarch64 implementation can be simplified.
- links to
-
Commit(master)
openjdk/jdk/99119597
-
Review(master)
openjdk/jdk/29141