RFR: 8298127: HSS/LMS Signature Verification [v8]
Weijun Wang
weijun at openjdk.org
Tue May 9 14:30:06 UTC 2023
On Tue, 9 May 2023 13:38:42 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
>>
>> agreeing with the newest review comments
>
> src/java.base/share/classes/sun/security/provider/HSS.java line 661:
>
>> 659:
>> 660: @SuppressWarnings("deprecation")
>> 661: HSSPublicKey(byte[] keyArray) throws InvalidKeyException {
>
> [I deleted my earlier comment]
>
> I am wondering why you don't call `super()` or `decode()` and override `parseKeyBits()` like other `X509Key` subclasses.
>
> You should also override `writeReplace` so that serialization uses an alternate form when serializing.
>
> It would probably be useful to override `toString()` as well. See other `X509Key` subclasses for more details.
Yes, I also think with `writeReplace` you can make `L` and `lmsPublicKey` transient and there is no need to make `LMSPublicKey` serializable.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1188692818
More information about the security-dev
mailing list