On Thu, 11 May 2023 09:36:17 GMT, Ferenc Rakoczi <d...@openjdk.org> wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Reintroduced Length for HSSPublicKey, added more @Override annotations
src/java.base/share/classes/sun/security/provider/HSS.java line 620:
> 618: if (keySpec instanceof X509EncodedKeySpec x) {
> 619: try {
> 620: var val = new DerValue(new
> ByteArrayInputStream(x.getEncoded()));
Do not use `ByteArrayInputStream`, just use `new DerValue(x.getEncoded())`.
Otherwise, the encoding might contain extra garbage bytes at the end and we
still accept it.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1191332259
