RFR: 8298127: HSS/LMS Signature Verification [v5]
Ferenc Rakoczi
duke at openjdk.org
Mon May 8 14:17:21 UTC 2023
On Mon, 8 May 2023 12:59:05 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
>>
>> adding key translation, finally block, removing 24-byte LMOTS parameters
>
> src/java.base/share/classes/sun/security/provider/HSS.java line 746:
>
>> 744: @Override
>> 745: protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
>> 746: if (key.getFormat().equals("X.509") && key.getAlgorithm().equals("HSS/LMS")) {
>
> Should check if `key` is `null` and if so, throw `InvalidKeySpecExc`.
Done.
> src/java.base/share/classes/sun/security/provider/HSS.java line 746:
>
>> 744: @Override
>> 745: protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
>> 746: if (key.getFormat().equals("X.509") && key.getAlgorithm().equals("HSS/LMS")) {
>
> Standard names are case-insensitive, so should use `equalsIgnoreCase`.
Changed.
> src/java.base/share/classes/sun/security/provider/HSS.java line 796:
>
>> 794:
>> 795: @Override
>> 796: @SuppressWarnings("deprecation")
>
> Why do you need the `SuppressWarnings` annotation here? `sun.util.Length.length()` is not deprecated.
Without that, I get:
/Users/ferakocz/dev/git-repos/jdk/open/src/java.base/share/classes/sun/security/provider/HSS.java:813: warning: [deprecation] key in X509Key has been deprecated
key = new DerOutputStream().putOctetString(keyArray).toByteArray();
^
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1187496671
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1187496730
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1187496615
More information about the security-dev
mailing list