On Thu, 11 May 2023 09:36:17 GMT, Ferenc Rakoczi <d...@openjdk.org> wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC >> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with >> SHA-256/192 parameters recommended. > > Ferenc Rakoczi has updated the pull request incrementally with one additional > commit since the last revision: > > Reintroduced Length for HSSPublicKey, added more @Override annotations src/java.base/share/classes/sun/security/provider/HSS.java line 622: > 620: var val = new DerValue(new > ByteArrayInputStream(x.getEncoded())); > 621: val.data.getDerValue(); > 622: return new HSSPublicKey(new > DerValue(val.data.getBitString()).getOctetString()); The 2 lines above cannot detect wrong algorithm identifier and garbage data at the end. Now that you already have `parseBits` implementation, you should follow the usual `X509Key` convention to create a new `HSSPublicKey` constructor that takes in the whole encoding and call `decode` to decode it. See `ECKeyFactory` and `ECPublicKeyImpl.java` for an example. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1191340263
