On Thu, 30 Nov 2023 16:13:09 GMT, Ferenc Rakoczi <d...@openjdk.org> wrote:

>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>>   reword comment
>
> src/java.base/share/classes/sun/security/pkcs/SignerInfo.java line 526:
>
>> 524:                 break;
>> 525:             case "HSS/LMS":
>> 526:                 // RFC 8708 requires the same hash algorithm used as in the HSS/LMS algorithm
>
> Actually it is RFC 8554 that requires it, RFC 8708 just references RFC 8554

I mean, RFC 8708 requires that the hash algorithm used by the HSS/LMS signature (which should be a single one used in every corner of HSS/LMS, as required by RFC 8554) should be the same as the `digestAlgorithm` in the CMS `SignerInfo` object. See RFC 8708 Section 5:

> digestAlgorithm MUST contain the one-way hash function used in the HSS/LMS
> tree.

https://www.rfc-editor.org/rfc/rfc8708.html#name-signed-data-conventions

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/14254#discussion_r1410918418
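The rule discussed above, as an added illustration that is not part of the thread or of the JDK code under review: the HSS public key is parsed per RFC 8554 Section 6.1, the LMS typecode is mapped to its hash function (RFC 8554 only defines SHA-256 parameter sets), and that hash is compared with the CMS `SignerInfo` `digestAlgorithm` OID as RFC 8708 Section 5 requires. The key bytes in the block are constructed, not a real key.

```python
"""RFC 8708 Section 5 check: SignerInfo.digestAlgorithm must be the hash used in
the signer's HSS/LMS tree.  Typecodes and key layout follow RFC 8554."""
import struct

# RFC 8554 Section 5.1: LMS typecode -> (hash, m = hash length in bytes, h = tree height)
LMS_TYPES = {
    5: ("SHA-256", 32, 5),   # LMS_SHA256_M32_H5
    6: ("SHA-256", 32, 10),  # LMS_SHA256_M32_H10
    7: ("SHA-256", 32, 15),  # LMS_SHA256_M32_H15
    8: ("SHA-256", 32, 20),  # LMS_SHA256_M32_H20
    9: ("SHA-256", 32, 25),  # LMS_SHA256_M32_H25
}
# RFC 8554 Section 4.1: LM-OTS typecode -> (hash, n, w)
LMOTS_TYPES = {1: ("SHA-256", 32, 1), 2: ("SHA-256", 32, 2),
               3: ("SHA-256", 32, 4), 4: ("SHA-256", 32, 8)}
# digestAlgorithm OIDs as they appear in a CMS SignerInfo (dotted form)
DIGEST_OIDS = {"2.16.840.1.101.3.4.2.1": "SHA-256",
               "2.16.840.1.101.3.4.2.3": "SHA-512",
               "1.3.14.3.2.26": "SHA-1"}


def parse_hss_public_key(pub: bytes) -> dict:
    """HSS public key = u32 L || LMS public key, where the LMS public key is
    u32 lms_type || u32 ots_type || I[16] || T[1][m] (RFC 8554 Sections 5.3, 6.1)."""
    if len(pub) < 12:
        raise ValueError("truncated HSS public key")
    levels, lms_type, ots_type = struct.unpack(">III", pub[:12])
    if not 1 <= levels <= 8:
        raise ValueError(f"HSS level count {levels} out of range")
    if lms_type not in LMS_TYPES or ots_type not in LMOTS_TYPES:
        raise ValueError(f"unknown typecode lms={lms_type} ots={ots_type}")
    lms_hash, m, height = LMS_TYPES[lms_type]
    ots_hash, _n, _w = LMOTS_TYPES[ots_type]
    if lms_hash != ots_hash:  # the single-hash rule the thread refers to
        raise ValueError("LMS and LM-OTS parameter sets use different hashes")
    if len(pub) != 12 + 16 + m:
        raise ValueError("HSS public key length does not match typecode")
    return {"levels": levels, "lms_type": lms_type, "ots_type": ots_type,
            "hash": lms_hash, "height": height, "I": pub[12:28], "T1": pub[28:]}


def signer_info_digest_matches(hss_pub: bytes, digest_alg_oid: str) -> bool:
    """True iff SignerInfo.digestAlgorithm names the hash used in the HSS/LMS tree."""
    return DIGEST_OIDS.get(digest_alg_oid) == parse_hss_public_key(hss_pub)["hash"]


# Constructed sample: two-level HSS, LMS_SHA256_M32_H10 with LMOTS_SHA256_N32_W4,
# all-zero I and T[1] (placeholder values, not a real key).
SAMPLE_HSS_PUB = struct.pack(">III", 2, 6, 3) + bytes(16) + bytes(32)
```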
>> Weijun Wang has updated the pull request incrementally with one additional >> commit since the last revision: >> >> reword comment > > src/java.base/share/classes/sun/security/pkcs/SignerInfo.java line 526: > >> 524: break; >> 525: case "HSS/LMS": >> 526: // RFC 8708 requires the same hash algorithm used as in >> the HSS/LMS algorithm > > Actually it is RFC 8554 that requires it, RFC 8708 just references RFC 8554 I mean, RFC 8708 requires that the hash algorithm used by the HSS/LMS signature (which should be a single one used in every corner of HSS/LMS, as required by RFC 8554) should be the same as the `digestAlgorithm` in the CMS `SignerInfo` object. See RFC 8708 Section 5: > digestAlgorithm MUST contain the one-way hash function used in the HSS/LMS > tree. https://www.rfc-editor.org/rfc/rfc8708.html#name-signed-data-conventions ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/14254#discussion_r1410918418