RFR: 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params [v5]
Koushik Muthukrishnan Thirupattur
duke at openjdk.org
Sun Oct 12 01:26:43 UTC 2025
> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for HmacSHA*** (like SHA***) should always contain NULL as params. We can update the list at AlgorithmId.encode(DOS) to enforce this rule.
Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with one additional commit since the last revision:
8367008: Algorithm identifiers for HmacSHA* should always have NULL as params
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/27700/files
- new: https://git.openjdk.org/jdk/pull/27700/files/2ae9355e..dab47e75
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=27700&range=04
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=27700&range=03-04
Stats: 36 lines in 1 file changed: 0 ins; 0 del; 36 mod
Patch: https://git.openjdk.org/jdk/pull/27700.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/27700/head:pull/27700
PR: https://git.openjdk.org/jdk/pull/27700
More information about the security-dev
mailing list