RFR: 8349732: Add support for JARs signed with ML-DSA [v12]
Weijun Wang
weijun at openjdk.org
Fri Nov 7 14:39:04 UTC 2025
On Thu, 6 Nov 2025 19:31:05 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with two additional commits since the last revision:
>>
>> - rename DataFecther to RepositoryFileReader
>> - more comments for DataFetcher
>
> test/jdk/sun/security/tools/jarsigner/ML_DSA.java line 81:
>
>> 79: jf.getInputStream(je).readAllBytes();
>> 80: Asserts.assertEquals(1, je.getCertificates().length);
>> 81: checkDigestAlgorithm(jf, signer, KnownOIDs.SHA_512);
>
> So there is currently no way to specify a different digest algorithm?
No. As you can see, ML-DSA is the first algorithm that there are more than one digest algorithm can pass the `algorithmsConformanceCheck` check.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26563#discussion_r2503879708
More information about the security-dev
mailing list