RFR: 8298127: HSS/LMS Signature Verification [v7]
Ferenc Rakoczi
duke at openjdk.org
Tue May 9 12:45:33 UTC 2023
On Mon, 8 May 2023 16:13:01 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Addressing more review comments from @wangweij and @seanjmullan
>
> src/java.base/share/classes/sun/security/provider/HSS.java line 99:
>
>> 97: result &= lmsVerify(lmsPubKey, sig.siglist[sig.Nspk], messageStream.toByteArray());
>> 98: return result;
>> 99: } catch (Exception e) {
>
> Do we need this `catch`? I think only `SignatureException` can be thrown inside the `try` block.
No, we don't. Removed.
> src/java.base/share/classes/sun/security/provider/HSS.java line 383:
>
>> 381: final byte[] sigArr;
>> 382:
>> 383: public LMSignature(byte[] sigArray, int offset, boolean checkExactLen) throws SignatureException {
>
> The methods of `LMSignature` can be package-private.
Changed.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1188534132
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1188534269
More information about the security-dev
mailing list