RFR: 8298127: HSS/LMS Signature Verification [v7]

Ferenc Rakoczi duke at openjdk.org
Tue May 9 12:45:38 UTC 2023


On Mon, 8 May 2023 16:29:49 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   Addressing more review comments from @wangweij and @seanjmullan
>
> src/java.base/share/classes/sun/security/provider/HSS.java line 106:
> 
>> 104:     }
>> 105: 
>> 106:     protected boolean lmsVerify(LMSPublicKey lmsPublicKey, LMSignature sig, byte[] message) throws SignatureException {
> 
> We probably should put this method into an inner class and make it static.

Good idea. I moved it to LMSUtils.

> src/java.base/share/classes/sun/security/provider/HSS.java line 158:
> 
>> 156:             }
>> 157:             return lmsPublicKey.isT1(tmpMsg, 22 + m);
>> 158:         } catch (Exception e) {
> 
> Avoid using `catch (Exception e)` because that's too wide. In fact, here it seems the only checked exceptions that can be caught is `NoSuchAlgorithmException | DigestException`. I think we've agreed to throw `ProviderException` for them.

Changed.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1188533636
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1188533908


More information about the security-dev mailing list