RFR: 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params [v2]

Weijun Wang weijun at openjdk.org
Fri Oct 10 02:30:03 UTC 2025


On Thu, 9 Oct 2025 18:29:29 GMT, Koushik Muthukrishnan Thirupattur <duke at openjdk.org> wrote:

>> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for HmacSHA*** (like SHA***) should always contain NULL as params. We can update the list at AlgorithmId.encode(DOS) to enforce this rule.
>
> Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with two additional commits since the last revision:
> 
>  - 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params
>  - 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params

src/java.base/share/classes/sun/security/x509/AlgorithmId.java line 690:

> 688:             ObjectIdentifier.of(KnownOIDs.HmacSHA256),
> 689:             ObjectIdentifier.of(KnownOIDs.HmacSHA384),
> 690:             ObjectIdentifier.of(KnownOIDs.HmacSHA512)

The "HMAC algorithm identifiers" section of https://www.rfc-editor.org/rfc/rfc9879.html#name-asn1-module also includes algid-hmacWithSHA512-224 and algid-hmacWithSHA512-256.

Also, I have always been wondering how SHA3 Hmac `AlgorithmId`s are encoded. https://datatracker.ietf.org/doc/html/rfc9688#name-signature-algorithms says "the parameters field MUST be absent". I'm not sure if this is only in CMS, but I think it's worth adding a reference here explaining why those OIDs are not included.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/27700#discussion_r2418356050
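
The NULL-versus-absent distinction discussed in this message, shown at the DER byte level. This is an added example, not part of the original message or of the JDK code: the function names are hypothetical, the OIDs are the hmacWithSHA* identifiers under 1.2.840.113549.2, and only short-form DER lengths are handled.

```python
# Added example: AlgorithmIdentifier ::= SEQUENCE { OID, params }; all names are hypothetical.
HMAC_OIDS = {
    "1.2.840.113549.2.9": "hmacWithSHA256",
    "1.2.840.113549.2.10": "hmacWithSHA384",
    "1.2.840.113549.2.11": "hmacWithSHA512",
    "1.2.840.113549.2.12": "hmacWithSHA512-224",
    "1.2.840.113549.2.13": "hmacWithSHA512-256",
}
DER_NULL = b"\x05\x00"

def encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]          # base-128, last byte has high bit clear
        arc >>= 7
        while arc:
            chunk.append((arc & 0x7F) | 0x80)
            arc >>= 7
        body.extend(reversed(chunk))
    return bytes([0x06, len(body)]) + bytes(body)

def encode_algid(dotted, with_null):
    body = encode_oid(dotted) + (DER_NULL if with_null else b"")
    return bytes([0x30, len(body)]) + body

def decode_oid(body):
    # First byte packs the first two arcs (valid for first arc 0 or 1, as here).
    arcs, value = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def params_state(der):
    """Return (oid, 'null' | 'absent' | 'other') for a short-form DER AlgorithmIdentifier."""
    if len(der) < 5 or der[0] != 0x30 or der[1] > 0x7F or der[1] != len(der) - 2:
        raise ValueError("not a short-form AlgorithmIdentifier SEQUENCE")
    if der[2] != 0x06 or not 0 < der[3] <= len(der) - 4:
        raise ValueError("missing or truncated OBJECT IDENTIFIER")
    rest = der[4 + der[3]:]
    state = "absent" if not rest else "null" if rest == DER_NULL else "other"
    return decode_oid(der[4:4 + der[3]]), state

def violates_null_rule(der):
    oid, state = params_state(der)
    return oid in HMAC_OIDS and state != "null"
```

An encoder that omits params for one of these OIDs emits a SEQUENCE two bytes shorter, which `violates_null_rule` flags.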

