[15] RFR 8172680: Support SHA-3 based Hmac algorithms
Weijun Wang
weijun.wang at oracle.com
Fri Mar 20 00:57:44 UTC 2020
Are we going to add the new OIDs/names to AlgorithmId.java? There are quite some duplicated info everywhere.
Thanks,
Max
> On Mar 20, 2020, at 8:07 AM, Valerie Peng <valerie.peng at oracle.com> wrote:
>
> Webrev updated: http://cr.openjdk.java.net/~valeriep/8172680/webrev.01/
>
> Thanks,
> Valerie
> On 3/19/2020 1:33 PM, Valerie Peng wrote:
>> Hi Bernd,
>>
>> Thanks for the comments~ Please find additional reply inline.
>>
>> On 3/18/2020 4:06 PM, Bernd Eckenfels wrote:
>>> Hello Valerie.
>>>
>>> In MacKAT 121 you would get a NPE if the catch prints the skip message, probably needs an additional return; guard?
>> Good catch, will add a return.
>>
>>>
>>> The BAOS default length change in parse() was not immediately clear to me? (Maybe next s. Base64?)
>> Some of the test values use ":" as a separator. When such separator is present, it takes a longer string to represent the same number of bytes. So, depending on whether the separator is used, the default number of bytes is calculated differently.
>>
>>>
>>> BTW It is good to see that you also add truncated SHA512 variants. It's not mentioned in commit message or RFE.
>> Support for the truncated SHA512 variants is mainly done in a separate/earlier RFE, i.e. JDK-8051408 (https://bugs.openjdk.java.net/browse/JDK-8051408). I only added the missing OIDs and the supporting classes, i.e. KeyGenerator for Hmac w/ truncated SHA512 variants. I can add a comment to the RFE to make this clear.
>>
>> Regards,
>>
>> Valerie
>>
>>>
>>> hTH
>>> Bernd
>>>
>>>
>>>
>>> --
>>> http://bernd.eckenfels.net
>>> Von: security-dev <security-dev-bounces at openjdk.java.net> im Auftrag von Valerie Peng <valerie.peng at oracle.com>
>>> Gesendet: Wednesday, March 18, 2020 11:57:37 PM
>>> An: OpenJDK Dev list <security-dev at openjdk.java.net>
>>> Betreff: [15] RFR 8172680: Support SHA-3 based Hmac algorithms
>>>
>>>
>>> Anyone has time to help review this straight forward RFE? It's to add
>>> SHA-3 support to Hmac.
>>>
>>> RFE: https://bugs.openjdk.java.net/browse/JDK-8172680
>>>
>>> Webrev: http://cr.openjdk.java.net/~valeriep/8172680/webrev.00/
>>>
>>> Mach5 run is clean.
>>>
>>> Thanks,
>>> Valerie
More information about the security-dev
mailing list