RFR: 8367008: Algorithm identifiers for HmacSHA* should always have NULL as params [v10]
duke
duke at openjdk.org
Wed Oct 22 20:43:27 UTC 2025
On Mon, 20 Oct 2025 20:47:48 GMT, Koushik Muthukrishnan Thirupattur <duke at openjdk.org> wrote:
>> Looking at RFC 9879 on PBES2 and PBMAC1 in PKCS12, algorithm identifiers for HmacSHA*** (like SHA***) should always contain NULL as params. We can update the list at AlgorithmId.encode(DOS) to enforce this rule.
>
> Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with one additional commit since the last revision:
>
> 8367008: Added bug id
@koushikthirupattur
Your change (at version b17f69ff732e2a7f276e48a75d58e50667eff769) is now ready to be sponsored by a Committer.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/27700#issuecomment-3434138754
More information about the security-dev
mailing list