RFR: 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params [v10]
Koushik Muthukrishnan Thirupattur
duke at openjdk.org
Mon Oct 20 20:47:48 UTC 2025
> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for HmacSHA*** (like SHA***) should always contain NULL as params. We can update the list at AlgorithmId.encode(DOS) to enforce this rule.
Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with one additional commit since the last revision:
8367008: Added bug id
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/27700/files
- new: https://git.openjdk.org/jdk/pull/27700/files/3718e21f..b17f69ff
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=27700&range=09
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=27700&range=08-09
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
Patch: https://git.openjdk.org/jdk/pull/27700.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/27700/head:pull/27700
PR: https://git.openjdk.org/jdk/pull/27700
More information about the security-dev
mailing list