RFR: 8298127: HSS/LMS Signature Verification [v8]
Sean Mullan
mullan at openjdk.org
Tue May 9 13:59:37 UTC 2023
On Tue, 9 May 2023 12:45:27 GMT, Ferenc Rakoczi <duke at openjdk.org> wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC 8554. LMS is an approved software signing algorithm for CNSA 2.0, with SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
>
> agreeing with the newest review comments
src/java.base/share/classes/sun/security/provider/HSS.java line 661:
> 659:
> 660: @SuppressWarnings("deprecation")
> 661: HSSPublicKey(byte[] keyArray) throws InvalidKeyException {
[I deleted my earlier comment]
I am wondering why you don't call `super()` or `decode()` and override `parseKeyBits()` like other `X509Key` subclasses.
You should also override `writeReplace` so that serialization uses an alternate form when serializing.
It would probably be useful to override `toString()` as well. See other `X509Key` subclasses for more details.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1188615922
More information about the security-dev
mailing list