RFR: 8351351: Pre-hash mode, context string, etc for ML-DSA [v2]
Artur Barashev
abarashev at openjdk.org
Thu Feb 12 21:07:39 UTC 2026
On Wed, 11 Feb 2026 19:11:21 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Add a new `SignatureParameterSpec` internal API to fully utilize the capabilities of ML-DSA. The updated ACVP test demonstrates its usage.
>>
>> The new API is internal because it's not yet clear how to provide this feature to users. A key should not be shared between plain ML-DSA and HashML-DSA, but context can. Features like `internal` and `externalMu` should only be used for very special occasions.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> rename
src/java.base/share/classes/sun/security/provider/SignatureMessageAccumulator.java line 2:
> 1: /*
> 2: * Copyright (c) 2025, Oracle and/or its affiliates. All rights reserved.
Should we update the copyright year here and in other files?
src/java.base/share/classes/sun/security/util/InternalSignatureParameterSpec.java line 80:
> 78: * feature strings.
> 79: *
> 80: * @param preHash the preHash algorithm to use; {@code null} if none.
Nit: [FIPS 204](https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.204.pdf) is using `pre-hash` wording. I think that's what we should use in javadoc and in the comments.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23934#discussion_r2801059408
PR Review Comment: https://git.openjdk.org/jdk/pull/23934#discussion_r2801056056
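For readers following the pre-hash and context-string discussion above, the following is an added example (not code from the JDK change or from either reviewer) showing how FIPS 204 section 5.2 formats the message that is actually signed in the two modes. Pure ML-DSA prepends a 0x00 domain-separator byte, the context length and the context to the raw message; HashML-DSA prepends 0x01, the context, the DER-encoded OID of the pre-hash function, and the digest instead of the message. The function names, the `PH_OIDS` table and the sample inputs are the author's own constructions; the byte layouts and OIDs are taken from FIPS 204.

```python
"""FIPS 204 message formatting for pure ML-DSA and HashML-DSA.

Added illustration of the encoding step that sits in front of the
internal signing routine; the helper names here are the example
author's, not the JDK's.
"""
import hashlib

# DER encodings of the pre-hash OIDs listed in FIPS 204 (2.16.840.1.101.3.4.2.x).
PH_OIDS = {
    "sha256": bytes.fromhex("0609608648016503040201"),
    "sha512": bytes.fromhex("0609608648016503040203"),
}

MAX_CTX_LEN = 255  # FIPS 204: the context string is at most 255 bytes


def _check_ctx(ctx: bytes) -> None:
    """Reject context strings the spec does not allow (length is encoded in one byte)."""
    if len(ctx) > MAX_CTX_LEN:
        raise ValueError(f"context string must be at most {MAX_CTX_LEN} bytes, got {len(ctx)}")


def format_pure(message: bytes, ctx: bytes = b"") -> bytes:
    """M' for ML-DSA.Sign: 0x00 || len(ctx) || ctx || M."""
    _check_ctx(ctx)
    return bytes([0x00, len(ctx)]) + ctx + message


def format_prehash(message: bytes, ctx: bytes = b"", ph: str = "sha512") -> bytes:
    """M' for HashML-DSA.Sign: 0x01 || len(ctx) || ctx || OID(PH) || PH(M)."""
    _check_ctx(ctx)
    if ph not in PH_OIDS:
        raise ValueError(f"unsupported pre-hash function: {ph}")
    digest = hashlib.new(ph, message).digest()
    return bytes([0x01, len(ctx)]) + ctx + PH_OIDS[ph] + digest


def domain_separator(formatted: bytes) -> int:
    """First byte of M': 0 for pure ML-DSA, 1 for HashML-DSA."""
    return formatted[0]


if __name__ == "__main__":
    # Constructed sample inputs.
    msg = b"transaction-42"
    ctx = b"example-app-v1"
    pure = format_pure(msg, ctx)
    prehashed = format_prehash(msg, ctx, "sha512")
    print("pure     :", pure.hex())
    print("pre-hash :", prehashed.hex())
    print("separators:", domain_separator(pure), domain_separator(prehashed))
```

The leading byte is what keeps a pure-mode signature from being replayed as a pre-hash one over the same key, and the one-byte length field is why a context longer than 255 bytes must be rejected before signing rather than silently truncated.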