RFR: 8298127: HSS/LMS Signature Verification [v5]

Sean Mullan mullan at openjdk.org
Fri May 5 15:07:18 UTC 2023 

On Tue, 2 May 2023 21:43:19 GMT, Ferenc Rakoczi <duke at openjdk.org> wrote:

>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC 8554. LMS is an approved software signing algorithm for CNSA 2.0, with SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
> 
>   adding key translation, finally block, removing 24-byte LMOTS parameters

src/java.base/share/classes/sun/security/util/RawKeySpec.java line 30:

> 28: import java.security.spec.KeySpec;
> 29: 
> 30: public class RawKeySpec  implements KeySpec {

Nit, should be one space between `RawKeySpec` and `implements`.

src/java.base/share/classes/sun/security/util/RawKeySpec.java line 30:

> 28: import java.security.spec.KeySpec;
> 29: 
> 30: public class RawKeySpec  implements KeySpec {

Can you add some comments describing this class?

src/java.base/share/classes/sun/security/util/RawKeySpec.java line 31:

> 29: 
> 30: public class RawKeySpec  implements KeySpec {
> 31:     final private byte[] keyArr;

Put `private` before `final`.

src/java.base/share/classes/sun/security/util/RawKeySpec.java line 33:

> 31:     final private byte[] keyArr;
> 32:     /**
> 33:      * The sole constructor

Nit: add period at end of sentence and an empty line after this (before the `@param`).

src/java.base/share/classes/sun/security/util/RawKeySpec.java line 37:

> 35:      */
> 36:     public RawKeySpec(byte[] key) {
> 37:         keyArr = key.clone();

Does this need to be cloned if it is an internal class?

src/java.base/share/classes/sun/security/util/RawKeySpec.java line 41:

> 39: 
> 40:     /**
> 41:      * Getter function

Nit: add period at end of sentence and an empty line after this (before the @return).

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1186201989
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1186202683
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1186205743
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1186204113
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1186204543
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1186205020

More information about the security-dev mailing list