RFR: 8298127: HSS/LMS Signature Verification [v9]

Weijun Wang weijun at openjdk.org
Wed May 10 21:27:58 UTC 2023


On Wed, 10 May 2023 15:20:50 GMT, Ferenc Rakoczi <duke at openjdk.org> wrote:

>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC 8554. LMS is an approved software signing algorithm for CNSA 2.0, with SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
> 
>   serialization fixes, more code shaping

src/java.base/share/classes/sun/security/provider/HSS.java line 672:

> 670:     }
> 671: 
> 672:     static class HSSPublicKey extends X509Key implements Serializable {

Why not implement `Length` anymore? This is useful when you want to print out information of the key or restrict weak keys.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1190408445


More information about the security-dev mailing list