On Mon, 8 May 2023 14:58:00 GMT, Ferenc Rakoczi <d...@openjdk.org> wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Addressing more review comments from @wangweij and @seanjmullan
src/java.base/share/classes/sun/security/provider/HSS.java line 99:
> 97: result &= lmsVerify(lmsPubKey, sig.siglist[sig.Nspk],
> messageStream.toByteArray());
> 98: return result;
> 99: } catch (Exception e) {
Do we need this `catch`? I think only `SignatureException` can be thrown inside
the `try` block.
src/java.base/share/classes/sun/security/provider/HSS.java line 172:
> 170: private final byte[] T1;
> 171:
> 172: public static LMSPublicKey of(byte[] keyArray) throws
> InvalidKeyException {
The methods of `LMSPublicKey` can be package-private.
src/java.base/share/classes/sun/security/provider/HSS.java line 383:
> 381: final byte[] sigArr;
> 382:
> 383: public LMSignature(byte[] sigArray, int offset, boolean
> checkExactLen) throws SignatureException {
The methods of `LMSignature` can be package-private.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1187628502
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1187624026
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1187624515
