RFR: 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params [v9]
Weijun Wang
weijun at openjdk.org
Mon Oct 20 20:47:51 UTC 2025
On Mon, 20 Oct 2025 20:11:39 GMT, Koushik Muthukrishnan Thirupattur <duke at openjdk.org> wrote:
>> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for HmacSHA*** (like SHA***) should always contain NULL as params. We can update the list at AlgorithmId.encode(DOS) to enforce this rule.
>
> Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with one additional commit since the last revision:
>
> 8367008: Updated the EqualsHashCode Test based on review comments moving from the wrapped exceptions version to the Asserts
test/jdk/sun/security/x509/AlgorithmId/AlgorithmIdEqualsHashCode.java line 27:
> 25: * @test
> 26: * @author Gary Ellison
> 27: * @bug 4170635 8258247
Please add 8367008 to `@bug`.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27700#discussion_r2446072591
More information about the security-dev
mailing list