RFR: 8298387: Implementing ML-DSA signature algorithm
Jamil Nimeh
jnimeh at openjdk.org
Tue Oct 8 16:31:58 UTC 2024
On Fri, 4 Oct 2024 20:59:45 GMT, Ben Perez <bperez at openjdk.org> wrote:
> Java implementation of ML-DSA, the FIPS 204 post-quantum signature scheme https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.pdf. Depends on https://github.com/openjdk/jdk/pull/21167
src/java.base/share/classes/sun/security/provider/ML_DSA.java line 659:
> 657:
> 658: //Check verify conditions
> 659: boolean hashEq = Arrays.equals(sig.commitmentHash(), cTildePrime);
Do we want a constant-time array check here and use `MessageDigest.isEqual()` instead?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21364#discussion_r1792184664
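An added illustration (not code from the PR or from OpenJDK) of the equality check this comment is about: the `Arrays.equals` form from the reviewed line, the suggested `MessageDigest.isEqual` form, and a hand-written constant-time comparison that spells out what the latter does. The class and method names are my own, and a 32-byte commitment hash is assumed for the sample input.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

public final class CommitmentHashCheck {

    /** The check as written in the reviewed line: Arrays.equals returns at the first mismatch. */
    static boolean hashEqVariableTime(byte[] cTilde, byte[] cTildePrime) {
        return Arrays.equals(cTilde, cTildePrime);
    }

    /** The suggested replacement: MessageDigest.isEqual examines every byte when lengths match. */
    static boolean hashEqConstantTime(byte[] cTilde, byte[] cTildePrime) {
        return MessageDigest.isEqual(cTilde, cTildePrime);
    }

    /** The same idea written out by hand: OR together the XOR of every byte pair, with no data-dependent branch. */
    static boolean hashEqManual(byte[] cTilde, byte[] cTildePrime) {
        if (cTilde == null || cTildePrime == null || cTilde.length != cTildePrime.length) {
            return false; // the length is a public parameter-set constant, so branching on it leaks nothing
        }
        int diff = 0;
        for (int i = 0; i < cTilde.length; i++) {
            diff |= cTilde[i] ^ cTildePrime[i];
        }
        return diff == 0;
    }

    public static void main(String[] args) {
        // Constructed sample: a 32-byte commitment hash (the ML-DSA-44 c~ length) and two corruptions of it.
        byte[] cTilde = new byte[32];
        new SecureRandom().nextBytes(cTilde);
        byte[] match = cTilde.clone();
        byte[] firstByteOff = cTilde.clone();
        firstByteOff[0] ^= 0x01;   // Arrays.equals would bail out after a single comparison
        byte[] lastByteOff = cTilde.clone();
        lastByteOff[31] ^= 0x01;   // Arrays.equals would walk all 32 bytes before failing

        for (byte[] candidate : new byte[][] { match, firstByteOff, lastByteOff }) {
            boolean a = hashEqVariableTime(cTilde, candidate);
            boolean b = hashEqConstantTime(cTilde, candidate);
            boolean c = hashEqManual(cTilde, candidate);
            // All three agree on the verdict; only the time taken to reach it differs.
            System.out.printf("Arrays.equals=%b  MessageDigest.isEqual=%b  manual=%b%n", a, b, c);
        }
    }
}
```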