RFR: 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params [v5]
Weijun Wang
weijun at openjdk.org
Fri Oct 17 03:12:05 UTC 2025
On Sun, 12 Oct 2025 01:26:43 GMT, Koushik Muthukrishnan Thirupattur <duke at openjdk.org> wrote:
>> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for HmacSHA*** (like SHA***) should always contain NULL as params. We can update the list at AlgorithmId.encode(DOS) to enforce this rule.
>
> Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with one additional commit since the last revision:
>
> 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params
Marked as reviewed by weijun (Reviewer).
-------------
PR Review: https://git.openjdk.org/jdk/pull/27700#pullrequestreview-3347880709
More information about the security-dev
mailing list