RFR: 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params [v9]
Koushik Muthukrishnan Thirupattur
duke at openjdk.org
Mon Oct 20 20:11:39 UTC 2025
> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for HmacSHA*** (like SHA***) should always contain NULL as params. We can update the list at AlgorithmId.encode(DOS) to enforce this rule.
Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with one additional commit since the last revision:
8367008: Updated the EqualsHashCode Test based on review comments moving from the wrapped exceptions version to the Asserts
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/27700/files
- new: https://git.openjdk.org/jdk/pull/27700/files/ed3d2ac3..3718e21f
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=27700&range=08
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=27700&range=07-08
Stats: 51 lines in 1 file changed: 3 ins; 36 del; 12 mod
Patch: https://git.openjdk.org/jdk/pull/27700.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/27700/head:pull/27700
PR: https://git.openjdk.org/jdk/pull/27700
More information about the security-dev
mailing list