RFR: 8172366: Support SHA-3 based signatures
Xue-Lei Andrew Fan
xuelei at openjdk.java.net
Thu Sep 10 17:22:36 UTC 2020
On Thu, 10 Sep 2020 01:58:09 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
> Could someone please help review this RFE?
>
> Enhance default JDK providers except SunPKCS11 with signatures using SHA-3 family of digests. SunPKCS11 provider will
> be updated separately (JDK-8242332).
> This changes covers SUN, SunRsaSign, and SunEC providers. Changes are straightforward, just add SHA-3 digests to
> various signature algorithms.
> Please review the corresponding CSR as well. It's at: https://bugs.openjdk.java.net/browse/JDK-8252260
>
> Thanks!
> Valerie
src/java.base/share/classes/sun/security/provider/DSA.java line 514:
> 512: }
> 513: }
> 514: public static final class SHA3_224withDSAinP1363Format extends DSA {
Missed the blank line.
BTW, to be consistent with other styles, do you want to add class specs (/**-*/) for the new added classes? just like
what you did for SHA512withDSAinP1363Format.
src/java.base/share/classes/sun/security/rsa/RSAPSSSignature.java line 279:
> 277: if (key != null) {
> 278: try {
> 279: int hLen = DIGEST_LENGTHS.get(KnownOIDs.findMatch(digestAlgo));
Is it possible the disgestAlgo unknown, and result in NullPointerException while casting null to int? I think it is
safe to check the existence as you did in line 218-213.
-------------
PR: https://git.openjdk.java.net/jdk/pull/102
More information about the security-dev
mailing list