RFR: 8302233: HSS/LMS: keytool and jarsigner changes [v5]
Sean Mullan
mullan at openjdk.org
Mon Nov 27 18:51:09 UTC 2023
On Mon, 27 Nov 2023 14:09:42 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Code changes for HSS/LMS that's related to keytool and jarsigner:
>>
>> 1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it can only be `HSS/LMS`.
>> 2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It must be the same as the hash algorithm used by the HSS/LMS key. This needs to be enforced both at signing and verification.
>> 3. HSS/LMS reuses `.DSA` as the signature block file extension inside a signed JAR file
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> no need to talk about the limitation here
Looks good - one minor comment. However, I still would like @ferakocz to review the `KeyUtil.hashAlgFromHSS` method.
src/java.base/share/classes/sun/security/util/SignatureFileVerifier.java line 190:
> 188: * signature verification process actually does not require the
> 189: * extension matches the key algorithm as long as it's one of
> 190: * "RSA", "DSA", and "EC".
Some minor wording suggestions on second sentence: "This is safe because the signature verification process does not require the extension to match the key algorithm as long as it is "RSA", "DSA", or "EC."
-------------
Marked as reviewed by mullan (Reviewer).
PR Review: https://git.openjdk.org/jdk/pull/14254#pullrequestreview-1751025651
PR Review Comment: https://git.openjdk.org/jdk/pull/14254#discussion_r1406532964
More information about the security-dev
mailing list