RFR: 8298127: HSS/LMS Signature Verification [v10]
Weijun Wang
weijun at openjdk.org
Thu May 11 17:31:48 UTC 2023
On Thu, 11 May 2023 16:33:25 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Reintroduced Length for HSSPublicKey, added more @Override annotations
>
> src/java.base/share/classes/sun/security/provider/HSS.java line 719:
>
>> 717:
>> 718: @java.io.Serial
>> 719: protected Object writeReplace() throws java.io.ObjectStreamException {
>
> I think the serialized form of an HSSPublicKey should also be specified in the CSR since this Key is returned from a standard API. I think you can add a simple sentence such as:
>
> "The Keys returned by an "HSS/LMS" `KeyFactory` are `Serializable` and use `java.security.KeyRep` as its serialized representation with the fields set as follows: type = `KeyRep.Type.PUBLIC`, algorithm = "HSS/LMS", format = "X.509", and encoded = the DER encoded bytes ..."
I added a paragraph to the CSR, although it's already approved several days ago.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1191492222
More information about the security-dev
mailing list