RFR: 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params [v2]
Koushik Muthukrishnan Thirupattur
duke at openjdk.org
Thu Oct 9 18:29:29 UTC 2025
> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for HmacSHA*** (like SHA***) should always contain NULL as params. We can update the list at AlgorithmId.encode(DOS) to enforce this rule.
Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with two additional commits since the last revision:
- 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params
- 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/27700/files
- new: https://git.openjdk.org/jdk/pull/27700/files/e7fc886f..3213fe68
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=27700&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=27700&range=00-01
Stats: 10 lines in 2 files changed: 5 ins; 0 del; 5 mod
Patch: https://git.openjdk.org/jdk/pull/27700.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/27700/head:pull/27700
PR: https://git.openjdk.org/jdk/pull/27700
More information about the security-dev
mailing list