RFR: 8349732: Add support for JARs signed with ML-DSA [v4]
Matthew Donovan
mdonovan at openjdk.org
Thu Oct 30 17:07:41 UTC 2025
On Thu, 30 Oct 2025 16:34:12 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Add support for ML-DSA signing of JAR files.
>>
>> Note: https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-ml-dsa/ is not finalized.
>>
>> Update: it is published as https://datatracker.ietf.org/doc/rfc9882/.
>
> Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains five commits:
>
> - Merge branch 'master' into 8349732
> - rfc; test
> - some rename
> - Merge branch 'master' into 8349732
> - the fix
test/lib/jdk/test/lib/security/DataFetcher.java line 59:
> 57: /// @param zipPrefix the common prefix for each entry in the ZIP file
> 58: /// @param entry the entry name without `zipPrefix`
> 59: public static byte[] fetchData(Class<?> klass, String zipPrefix, String entry)
Should this method be in `ArtifactResolver` instead or maybe just in the test itself? I don't see a general use for this based on other tests that use external "artifacts."
test/lib/jdk/test/lib/security/DataFetcher.java line 101:
> 99: extension = "zip",
> 100: unpack = false)
> 101: public static class DILITHIUM_CERTIFICATES {
I think these should be defined in the tests where they are used.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26563#discussion_r2478860158
PR Review Comment: https://git.openjdk.org/jdk/pull/26563#discussion_r2478863336
More information about the security-dev
mailing list