RFR: 8298127: HSS/LMS Signature Verification [v17]
Sean Mullan
mullan at openjdk.org
Wed May 24 16:26:20 UTC 2023
On Thu, 18 May 2023 19:11:32 GMT, Ferenc Rakoczi <duke at openjdk.org> wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC 8554. LMS is an approved software signing algorithm for CNSA 2.0, with SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request incrementally with one additional commit since the last revision:
>
> Removed dead code, accepted code style suggestions.
src/java.base/share/classes/sun/security/provider/HSS.java line 58:
> 56:
> 57: @Override
> 58: protected void engineInitSign(PrivateKey privateKey)
I think you should also override `engineInitSign(PrivateKey, SecureRandom)` even though the default impl. calls `engineInitSign(PrivateKey)`. It also assigns the `SecureRandom` to the protected `appRandom` field, which is probably best avoided.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1204473301
More information about the security-dev
mailing list