RFR: 8298127: HSS/LMS Signature Verification [v4]
Weijun Wang
weijun at openjdk.org
Tue May 2 20:53:19 UTC 2023
On Tue, 2 May 2023 20:44:27 GMT, Ferenc Rakoczi <duke at openjdk.org> wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC 8554. LMS is an approved software signing algorithm for CNSA 2.0, with SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has refreshed the contents of this pull request, and previous commits have been removed. The incremental views will show differences compared to the previous content of the PR. The pull request contains one new commit since the last revision:
>
> addressing more review comments
src/java.base/share/classes/sun/security/provider/HSS.java line 91:
> 89: return result;
> 90: } catch (Exception e) {
> 91: messageStream.reset();
You can put this line in a `finally` block.
src/java.base/share/classes/sun/security/provider/HSS.java line 585:
> 583: params = new LMOTSParams(lmotsType, 32, 8, 0, 34, "SHA-256");
> 584: break;
> 585: case LMSUtils.LMOTS_SHA256_N24_W1:
Since you commented out the LMS constants for SHA-256/192, do you want to do the same here?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1183034005
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1183037689
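
The `finally` suggestion made for HSS.java line 91, as an added example that is not part of the original message and is not the JDK's code. `BufferedVerifier`, its `buffered()` helper and the SHA-256 digest comparison standing in for the real HSS/LMS check are all hypothetical; only the name `messageStream` and the reset-on-every-path pattern come from the review.

```java
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;

// Hypothetical verifier, not the JDK's HSS class: it buffers the message and
// compares a SHA-256 digest as a stand-in for the real signature check.
public class BufferedVerifier {
    private final ByteArrayOutputStream messageStream = new ByteArrayOutputStream();

    public void update(byte[] data) {
        messageStream.write(data, 0, data.length);
    }

    public boolean verify(byte[] sig) throws SignatureException {
        try {
            if (sig == null || sig.length != 32) {
                throw new SignatureException("malformed signature");
            }
            byte[] digest = MessageDigest.getInstance("SHA-256")
                    .digest(messageStream.toByteArray());
            return MessageDigest.isEqual(digest, sig);
        } catch (NoSuchAlgorithmException e) {
            throw new SignatureException(e);
        } finally {
            // Runs on "return true", "return false" and every exception path,
            // so no buffered bytes carry over into the next verification.
            messageStream.reset();
        }
    }

    int buffered() {
        return messageStream.size();
    }

    public static void main(String[] args) throws Exception {
        BufferedVerifier v = new BufferedVerifier();
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        byte[] good = MessageDigest.getInstance("SHA-256").digest(msg);

        v.update(msg);
        try { v.verify(new byte[3]); } catch (SignatureException expected) { }
        System.out.println("buffered after exception: " + v.buffered());

        v.update(msg);
        System.out.println("valid after earlier failure: " + v.verify(good));
        System.out.println("buffered after success: " + v.buffered());
    }
}
```

If the reset sat only in the `catch` block, a later code path that returns or throws without passing through it would leave stale bytes in the buffer, and the next `verify` call would check a concatenation of two messages.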